pam_sotp 0.3.3 review

Download
by rbytes.net on

pam_sotp PAM module provides support for One Time Passwords (OTP) authentication

License: GPL (GNU General Public License)
File size: 105K
Developer: Pedro Diaz
0 stars award from rbytes.net

pam_sotp PAM module provides support for One Time Passwords (OTP) authentication. The "s" in "sotp" stands for "simple"; pam_sotp aims to be a simple, easy to configure, module.

pam_sotp is still under early stages of development. Although it seems to work pretty well be warned that this software could contain severe bugs that may put at risk the security of your system. Until a stable release is reached you are advised to not use pam_sotp on mission-critical systems or production servers.

Having said that, it seems that the software is reaching an stable stage. I've received several reports about pam_sotp being used without problems in several configurations.

This project is way too small to have a serious roadmap, but anyways I guess that some of you would like to know what are my short/medium term plans for pam_sotp, so here they are:

Release pam_sotp 0.4.0, with some patches I received and other improvements I have in mind
Maintain the 0.4.x branch until it becomes stable
Release a couple of 1.0 release candidates and then finally pam_sotp 1.0
Maintain the 1.0 branch

What's New in This Release:
Added disable and enable commands to otppasswd
Bugfix: SGID shadow applications could not authenticate against pam_sotp (some SUID code somehow remained in pam_sotp)

pam_sotp 0.3.3 keywords