pam_usb is a PAM module that enables either two-factor or password-less authentication using a USB storage device (such as a USB flash memory stick). It works with any application supporting PAM, such as su or any login manager (GDM, KDM), etc. The pam_usb package also contains pamusb-agent, a daemon that can trigger actions (such as locking the screen) upon device authentication and removal.
The pam_usbng package has been written to make everyday use of Linux systems more comfortable and more secure. It allows users to transparently authenticate through commodity storage devices, while its primary focus is on USB flash drives. It's capable of multiuser/multitoken authentication, physical device dependency, one-time-passwords, recovery devices, 2-factor authentication, and much more. With an easy-to-use wizard and an expandable event-based scripting interface, you can easily handle much more than normal authentication.
pam_userpass is a PAM module for use specifically by services implementing non-interactive protocols and wishing to verify a username/password pair. It uses Linux-PAM binary prompts to make it possible for applications to no longer make the flawed assumption that PAM_PROMPT_ECHO_ON requests the username and PAM_PROMPT_ECHO_OFF requests the password. It doesn't perform any actual user authentication; that is left up to further modules in the PAM stack (e.g., to pam_tcb or pam_unix).
Passfilter provides you with a terminal that has certain words blacklisted. Upon entering a predefined character sequence (defined as an MD5 sum), the terminal will erase the written characters with backspace, give an error message, and wait until the line is finished with the Enter key. The use case would be to stop you from accidentally entering passwords to IRC or possibly to other hosts, which could be compromised and could be logging your entry.
passwdqc is a password/passphrase strength checking and policy enforcement tool set, including an optional PAM module (pam_passwdqc), command-line programs (pwqcheck and pwqgen), and a library (libpasswdqc). On systems with PAM, pam_passwdqc is normally invoked on password changes by programs such as passwd(1). It is capable of checking password or passphrase strength, enforcing a policy, and offering randomly-generated passphrases, with all of these features being optional and easily (re-)configurable. pwqcheck and pwqgen are standalone password/passphrase strength checking and random passphrase generator programs, respectively, and are usable from scripts. libpasswdqc is the underlying library, which may also be used from third-party programs.
pdumpq can be used to take queued packets from netfilter/iptables and dump them to a file that decoders like tcpdump, ethereal, and snort can read. You can also just pipe it through to the packet decoder and see what is in those packets as they come in. This is also an easy way to populate your snort alert database with iptables data. Its features include automatic dumpfile rotation, filter on firewall marks and issue per-mark verdicts, and optional emailing of decoded packet dumps.
RFC 2015 defines a proposed Internet standard for sending PGP-encrypted email. This PGP/MIME has been incorporated into several MUAs such as Mutt and (with the AEGYPTEN project) KMail. However, a lot of email clients still don't support it. pgp-mime-handler can decrypt/verify such messages via a pipe, so it can be used as an email filter in many programs or scripts.