OTPme: Issueshttps://www.otpme.org/redmine/https://www.otpme.org/redmine/redmine/favicon.ico?16699090422015-07-04T01:07:55ZOTPme
Redmine Feature #47 (In Bearbeitung): add support for a second factor token (e.g. HOTP) to add some addit...https://www.otpme.org/redmine/issues/472015-07-04T01:07:55ZThe 2nd
<p>it should be possible to combine an ssh-token with an other token (e.g HOTP) to require an OTP beside the ssh private key for login</p> Feature #46 (In Bearbeitung): add ssh-token support for authentication with OTPme daemonshttps://www.otpme.org/redmine/issues/462015-07-04T01:01:57ZThe 2nd
<p>this feature is implemented using an ssh token that holds the public key of the user. otpme command line tools use a running ssh-agent/gpg-agent to authenticate against otpme daemons.</p> Feature #45 (In Bearbeitung): add backend encryption for all sensitive datahttps://www.otpme.org/redmine/issues/452015-04-05T16:52:30ZThe 2nd
<p>we should not save password (hashes), PINs etc. in plaintext.</p> Feature #43 (In Bearbeitung): QR-Code based token rollouthttps://www.otpme.org/redmine/issues/432015-03-28T14:33:12ZThe 2nd
<p>OTPme should support QR-Code generation for at least HOTP/TOTP tokens to be used with e.g. the yubico authenticator.</p> Feature #41 (In Bearbeitung): Add daemon mode to OTPmehttps://www.otpme.org/redmine/issues/412015-02-08T15:14:49ZThe 2nd
<p>we need this for many features including cluster support.</p> Feature #39 (Neu): add cluster support to OTPmehttps://www.otpme.org/redmine/issues/392015-02-03T18:24:12ZThe 2nd
it should be possible to cluster OTPme (failover and load balancing). using a concept similar to ganeti would be great.
<ul>
<li>add a cluster master that owns the cluster IP
<ul>
<li>always connect to cluster IP when changing cluster config</li>
<li>automatic master failover should be possible
<ul>
<li>how to handle two-node clusters? (no quorum?)<br />... to be continued ;)</li>
</ul></li>
</ul></li>
</ul> Feature #37 (Neu): implement support for different hash types for CTP generation in roundcube pluginhttps://www.otpme.org/redmine/issues/372015-02-02T20:34:37ZThe 2nd
<p>the roundcube plugin should support different hash types for CTP generation which was added to OTPme (see parent ticket)</p> Feature #29 (Neu): add support for mod_auth_pubtkthttps://www.otpme.org/redmine/issues/292015-01-24T13:49:59ZThe 2nd
<p>see <a class="external" href="https://neon1.net/mod_auth_pubtkt/">https://neon1.net/mod_auth_pubtkt/</a> for infos</p>
<ul>
<li>generate login page with python?
<ul>
<li>add support for CTP and SLP</li>
<li>implement plugin system to add SSO support for different third party software
<ul>
<li>roundcube</li>
<li>otrs</li>
<li>redmine</li>
<li>phpmyadmin</li>
<li>zarafa</li>
<li>.....</li>
</ul></li>
</ul></li>
</ul> Feature #28 (Neu): add phpmyadmin sample confighttps://www.otpme.org/redmine/issues/282015-01-24T13:46:28ZThe 2nd
<p><a class="external" href="https://wiki.phpmyadmin.net/pma/Auth_types">https://wiki.phpmyadmin.net/pma/Auth_types</a></p>
<ul>
<li>auth_type signon looks promising
<ul>
<li>use e.g. mod_auth_radius for authentication</li>
</ul></li>
</ul>
<ul>
<li>maybe we can add CTP support?</li>
</ul> Feature #27 (Neu): add sample config for mysql using pam_radiushttps://www.otpme.org/redmine/issues/272015-01-24T13:35:30ZThe 2nd
<p><a class="external" href="http://dev.mysql.com/doc/refman/5.5/en/pam-authentication-plugin.html">http://dev.mysql.com/doc/refman/5.5/en/pam-authentication-plugin.html</a></p> Feature #26 (Neu): add sample config for openvpn authenticationhttps://www.otpme.org/redmine/issues/262015-01-24T13:32:45ZThe 2nd
<p>- use radius to pass credentials to OTPme?<br />- openvpn plugin exists but unmaintained?<br />- writing a auth script should be easy!</p> Feature #25 (In Bearbeitung): add "force token type" to groupshttps://www.otpme.org/redmine/issues/252015-01-23T22:28:26ZThe 2nd
<p>we should be able to force specific token types per group to prevent an admin from adding a token with the wrong type to an access group</p> Feature #9 (In Bearbeitung): add -f option to disable any user question for cli toolshttps://www.otpme.org/redmine/issues/92015-01-14T17:01:57ZThe 2nd
<p>cli tools should have a force (-f) option to disable user confirmation (needed for scripts)</p> Feature #4 (Neu): add motp offsethttps://www.otpme.org/redmine/issues/42015-01-11T17:44:13ZThe 2nd
<p>currently this is an undocumented (incomplete) feature and offset is in 10 second timestep.</p>
<p>- offset should be given in minutes<br />- should we show offset in token overview? do other otp token types also have an offset?</p> Feature #2 (In Bearbeitung): add auto-disable option for usershttps://www.otpme.org/redmine/issues/22015-01-11T17:27:59ZThe 2nd
<p>add an option to automatically disable user (also for groups and tokens? and for user/group relation?)<br />- after a given time<br />- after x logins (max_logins)</p>
<p>maybe we should also add enabled/disabled times per user, token group etc.?</p>