uToken




01) INFO

uToken is an authentication system that allows you to use time based tokens as a prefix to your password.
It consists of a PAM module and a Java application for mobile phones.



02) LICENSE

The project is developed under the terms of the GNU General Public License version 3.

The uToken PHP library is licensed under GNU Lesser General Public License version 3 (LGPL),
so you can link it with your proprietary code.



03) CURRENT VERSION

The latest version of the pam_utoken PAM module is 1.1.0.
The latest version of the uToken Java application for mobile phones is 1.1.0.
The latest version of the uToken PHP library is 1.1.0.



04) REQUIREMENTS

You will need a Linux machine supporting PAM.
uToken should also work on other platforms with PAM-based authentication.



05) DOWNLOAD

You can download uToken from form the project download site hosted on sourceforge.net.



06) INSTALLATION

First, you have to compile, install and configure the uToken PAM module.

You will need a GCC compiler and development packages for PAM and OpenSSL installed. Also you need root privilages.

Enter pam_utoken directory and execute command: make && make install

Now edit /etc/pam.d/common-auth (or any other suitable file) and before other authentication modules add this line:
auth    [success=done new_authtok_reqd=done user_unknown=ignore ignore=ignore default=die]    pam_utoken.so
and save the file. From now on the uToken PAM module is active.

However all logins will still be forwarded to the default authentication modules, as there are none uToken users defined.
You can change this by editing the /etc/utoken/classes file. It contains instructions how to do this.

The very last thing to do is to install the uToken Java application on your mobile phone and fill in your configuration data.



07) CHANGE LOG

1.1.0:
- pam_utoken rewritten in C instead of C++
- logon limit feature added
- uToken PHP library added
- minor changes to uToken Java application
- some bug fixes

1.0.0:
- first release



08) TO DO

- add a configuration tool, so that users can edit their classes, change passwords, etc.