OTPme: Issueshttps://www.otpme.org/redmine/https://www.otpme.org/redmine/redmine/favicon.ico?16699090422015-07-26T21:14:50ZOTPme
Redmine Fehler #51 (Erledigt): remove sessions of user/token on deletehttps://www.otpme.org/redmine/issues/512015-07-26T21:14:50ZThe 2nd
<p>if a user/token gets deleted all session that belong to it should be deleted</p> Feature #44 (Erledigt): add optional PIN to OATH OTPshttps://www.otpme.org/redmine/issues/442015-03-29T14:10:36ZThe 2nd
<p>OTPme should support optional PINs as prefix of an (OATH) OTP. this makes integration easier as there is no need for an extra input field at the login mask.</p> Feature #42 (Erledigt): add OATH supporthttps://www.otpme.org/redmine/issues/422015-03-28T12:43:15ZThe 2nd
<p>we should support HOTP (counter based) and TOTP (time based) OTP tokens:</p>
<p><a class="external" href="http://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm">http://en.wikipedia.org/wiki/HMAC-based_One-time_Password_Algorithm</a></p> Fehler #40 (Erledigt): disable clients does not workhttps://www.otpme.org/redmine/issues/402015-02-08T15:04:27ZThe 2nd
<p>all 0.1 beta an -rc releases misses this feature. will be fixed soon.</p> Feature #38 (Erledigt): add support for push-token (e.g. sms)https://www.otpme.org/redmine/issues/382015-02-03T18:08:16ZThe 2nd
there should be a token type, with a static password, that will generate an OTP for the user and send it via SMS.
<ul>
<li>instead of sending the OTP it should be passed to an external script for delivery</li>
<li>it should be possible to add a phone number to the token which will be passed to the delivery script</li>
</ul> Fehler #36 (Erledigt): setting group max_fail should disable lockinghttps://www.otpme.org/redmine/issues/362015-02-01T19:43:30ZThe 2nd
<p>current behavior: when max_fail is set to 0 users are always locked for this group<br />desired behavior: when max_fail is set to 0 users should never be locked for the group, regardless of their login fail count for the group</p> Fehler #35 (Erledigt): session timeout pass on is not done recursivehttps://www.otpme.org/redmine/issues/352015-02-01T19:20:52ZThe 2nd
<p>session timeouts are only passed on to direct child sessions and not recursive.</p> Fehler #34 (Erledigt): setting user description does not workhttps://www.otpme.org/redmine/issues/342015-01-31T21:14:50ZThe 2nd
<p>otpme-user description admin "admin" <br />NameError: name 'get_val' is not defined</p> Feature #33 (Erledigt): implement module to be used with freeradius rlm_pythonhttps://www.otpme.org/redmine/issues/332015-01-25T18:18:30ZThe 2nd
<p>using a python module should perform better than calling otpme as a script via "exec" modul.</p>
<p>there are examples available:<br /><a class="external" href="https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_python/example.py">https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_python/example.py</a><br /><a class="external" href="https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_python/prepaid.py">https://github.com/FreeRADIUS/freeradius-server/blob/master/src/modules/rlm_python/prepaid.py</a></p> Feature #32 (Erledigt): add sample config for openldaphttps://www.otpme.org/redmine/issues/322015-01-25T00:07:42ZThe 2nd
slapd can authenticate users via saslauthd.
<ul>
<li>user password needs to be set to "{SASL}username" (e.g. {SASL}joe)</li>
</ul>
there is also a request to add a feature for this to <a class="external" href="http://lam.sf.net">http://lam.sf.net</a> which should be added to the documenation
<ul>
<li><a class="external" href="http://sourceforge.net/p/lam/mailman/message/33229522/">http://sourceforge.net/p/lam/mailman/message/33229522/</a></li>
</ul> Feature #31 (Erledigt): child sessions should be identifiable via "otpme-session show"https://www.otpme.org/redmine/issues/312015-01-24T19:18:26ZThe 2nd
<ul>
<li>indent child session names</li>
<li>mark parent session ids with a tailing asterisk</li>
</ul> Feature #30 (Erledigt): add option to configure hash type for CTP and SLP generationhttps://www.otpme.org/redmine/issues/302015-01-24T14:56:50ZThe 2nd
this should improve protection against dictionary attacks if someone was able to keylogg/sniff both, the OTP and the CTP
<ul>
<li>we should split e.g. a 128 char hash into four 32 char strings and choose a random one for CTP/SLP creation
<ul>
<li>this should be configurable per client because some clients may not support any hash type (e.g. sha512)</li>
</ul></li>
</ul> Feature #24 (Erledigt): add bash completion for OTPme commandshttps://www.otpme.org/redmine/issues/242015-01-23T17:33:47ZThe 2nd
<p>command completion is a must for cool projects ;)</p> Feature #23 (Erledigt): modify log_passwords feature for logging of all auth infos (e.g. challeng...https://www.otpme.org/redmine/issues/232015-01-22T18:59:05ZThe 2nd
<p>valid auth info variables:<br />- password<br />- otp<br />- trust password<br />- otp that was used to generate the trust password<br />- ntlm challenge<br />- ntlm response<br />- nt_key</p> Feature #22 (Erledigt): add option to force CTP usagehttps://www.otpme.org/redmine/issues/222015-01-21T22:58:11ZThe 2nd
<p>- per client<br />- and per group?</p>