privacyIDEA is a multi-factor authentication solution. It can manage any type of authentication device. All common OTP (one time password) devices are supported, including Google Authenticator, eToken Pass, OTP cards, Yubikey, SMSOTP, and mTAN/mobileTAN. New devices can be added easily. Users can be retrieved from flat files, LDAP, Active Directory, SQL databases, and SCIM services. It can also handle authorization and writes all events to a digitally signed audit log, giving you basic AAA functionality.
python-pskc is a Python library that handles Portable Symmetric Key Container (PSKC) files as defined in RFC6030. PSKC files are used to transport and provision symmetric keys (seed files) to different types of crypto modules, commonly one-time password tokens or other authentication devices.
Collax Business Server is an all-in-one Linux server for small- and medium-sized businesses. It delivers all the important network services within a heterogeneous business environment for communication, infrastructure, compliance, groupware, and storage, all in a reliable and secure way which is easy to manage. It also provides essential security functions such as firewalling and virus and spam filtering, to protect against hacker attacks, viruses, and unsolicited email messages.
The Collax Security Gateway is a Unified Threat Management (UTM) Solution for small- and medium-sized businesses. It includes an easy to configure stateful inspection firewall, email security features including anti-spam and anti-virus, Internet access control, Internet SSL interception, Internet networking optimization tools, Internet network fault tolerance, clientless VPN technology, and remote administration.
Nowadays, a simple password is not enough anymore! Multi-OTP is an OATH-certified PHP class, a Web interface, and a powerful command line tool that can be used to authenticate and manage OTP user tokens for strong two-factor authentication. It can create, update, and delete tokens to authenticate users with one time passwords (OTP). The users' data are stored in files. The class can also check the user token using several algorithms: Mobile OTP (MOTP), OATH/HOTP (RFC 4226), and OATH/TOTP HOTP Time Based (RFC 4226 extension). It works with compatible software tokens (iPhone, Android, PalmOS, Nokia, and other Java J2ME capable phones) and hardware tokens (such as Feitian, ZyXEL, Authenex, or Seamoon). The multiotp command line utility is also provided, both in "compiled" form (for Windows) and in source code (for Linux or educational purpose). The multiotp command line can be combined with FreeRADIUS (under Linux) or the free TekRADIUS LT (under Windows) in order to have a powerful radius strong authentication server.
LinOTP is a solution for strong two-factor authentication with one time passwords. It features a modular architecture into which UserIdResolver, authentication, and OTP calculation modules can be plugged. It includes UserIdResolver modules for LDAP/AD, SQL, and flat file user databases, and authentication modules for PAM and RADIUS. New modules can be developed easily. Supported tokens are HMAC-OTP/HOTP (RFC 4226/ OATH compliant), Aladdin eToken PASS, eToken NG-OTP, Safeword Alpine, Yubikey, Google Authenticator, motp, SMS OTP/Mobile TAN, email token, and a Simple Pass token for users without token hardware. TOTP is supported, along with a new algorithm for daily passwords for applications not supporting RADIUS. OCRA tokens are supported to allow transaction signing in banking environments. CLI, Web, and GTK+ GUI clients are available for management. LinOTP features multi-client capability, redundancy, and a self-service portal. It has been used with PAM for local and SSH logins, Apache, VPN, and Windows Terminal Server, and is OATH certified.
LemonLDAP::NG is a modular Web SSO based on Apache::Session modules. It simplifies the building of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting, so you can have full AAA protection for your Web space. LemonLDAP::NG is a complete rewrite of LemonLDAP. All components needed to use it and to administer it are included in the tarball. However, all modules developed for LemonLDAP may not work with LemonLDAP::NG.
The OATH Toolkit makes it easy to build one-time password authentication systems. It contains shared libraries, commandline tools, and a PAM module. Supported technologies include the event-based HOTP algorithm (RFC4226) and the time-based TOTP algorithm (RFC6238). OATH stands for Open AuTHentication, which is the organization which specifies the algorithms. For managing secret key files, the Portable Symmetric Key Container (PSKC) format described in RFC6030 is supported.
Sphirewall is a user-centric analytical network firewall/router. Out-of-the box, it provides user authentication coupled with powerful analytics which provide you with complete control over your network and users. With Sphirewall, you can manage and understand what is happening on your network with features such as qos, bandwidth quotas, user authentication, and much more. Not built on iptables, it is able to do things which other Open Source firewalls can't. Its very flexible, and with its open JSON API, can easily be plugged into any existing environment.
YAMIdentd aims at being a simple, small, and functional ident daemon that can both process local requests and forward requests triggered by masqueraded hosts (when it is running on a Linux gateway). It currently only runs on Linux (2.4 and 2.6, 2.2 untested). The daemon can forward to any ident daemon that accepts forwarded requests. The code aims at being stable, fast, and RFC 1413 compliant. It is meant to be run from inetd. It doesn't use any configuration file. It should do the right thing automagically.