Project

General

Profile

Activity

From 04 December 2015 to 02 January 2016

01 January 2016

19:49 Feature #70: Implement argon2 support for AES key derivation
* Maybe we should use pyzxcvbn to implement dynamic iterations based on password strength
* We also should consider...
The 2nd

31 December 2015

20:08 Feature #70 (In Bearbeitung): Implement argon2 support for AES key derivation
* https://password-hashing.net/
* https://pypi.python.org/pypi/argon2
The 2nd
14:32 Feature #66 (In Bearbeitung): Allow usage of U2F token as second factor token with "password" tokens
* Implemented offline logins with U2F tokens
** Extended the OTPme PAM module to support "nullok" to allow usage of ...
The 2nd

30 December 2015

03:02 Feature #69 (In Bearbeitung): Add support for user/group resolving via libnss
* To make OTPme users/groups available as linux system users we should support libnss
* Current implementation uses ...
The 2nd
02:46 Feature #62 (In Bearbeitung): Implement user authorization script
The 2nd
02:41 Feature #68: Add optional support for signing authentication replies
* Current implementation sends a challenge with the authentication request which is added to a JWT signed with the pu... The 2nd

24 December 2015

12:19 Feature #68 (In Bearbeitung): Add optional support for signing authentication replies
* The client should send a challenge to the OTPme server that will be signed with its public key
** This reduces the...
The 2nd

18 December 2015

22:25 Feature #66: Allow usage of U2F token as second factor token with "password" tokens
* Implemented usage of U2F tokens as second factor token with static password tokens
* Currently this can only be us...
The 2nd
22:20 Feature #67 (In Bearbeitung): Implement deployment of SSH public keys
* OTPme hostd/noded should deploy SSH public keys of tokens assigend to their host
* We may use openssh's Authorized...
The 2nd

17 December 2015

19:59 Feature #66 (In Bearbeitung): Allow usage of U2F token as second factor token with "password" tokens
* The first factor should be a static password that can be used to encrypt offline token and session
* The second fa...
The 2nd

13 December 2015

14:33 Feature #65 (In Bearbeitung): implement revoking of script signatures
* It should be possible to revoke a script signature to invalidate a script The 2nd

08 December 2015

23:08 Feature #64 (In Bearbeitung): Implement U2F token
* Implemented counter check using the token counter mechanism for synchronization between nodes/hosts The 2nd

07 December 2015

00:36 Feature #64: Implement U2F token
Implemented first working version that can be used to do OTPme realm authentication.
* Checking U2F counter needs ...
The 2nd
 

Also available in: Atom