uToken
01) INFO
uToken is an authentication system that allows you to use time based tokens as a prefix to your password.
It consists of a PAM module and a Java application for mobile phones.
02) LICENSE
The project is developed under the terms of the
GNU General Public License version 3.
The uToken PHP library is licensed under
GNU Lesser General Public License version 3 (LGPL),
so you can link it with your proprietary code.
03) CURRENT VERSION
The latest version of the pam_utoken PAM module is 1.1.0.
The latest version of the uToken Java application for mobile phones is 1.1.0.
The latest version of the uToken PHP library is 1.1.0.
04) REQUIREMENTS
You will need a Linux machine supporting
PAM.
uToken should also work on other platforms with PAM-based authentication.
05) DOWNLOAD
You can download uToken from form the
project download site hosted on sourceforge.net.
06) INSTALLATION
First, you have to compile, install and configure the uToken PAM module.
You will need a GCC compiler and development packages for PAM and OpenSSL installed. Also you need root privilages.
Enter
pam_utoken directory and execute command:
make && make install
Now edit
/etc/pam.d/common-auth (or any other suitable file) and before other authentication modules add this line:
auth [success=done new_authtok_reqd=done user_unknown=ignore ignore=ignore default=die] pam_utoken.so
and save the file. From now on the uToken PAM module is active.
However all logins will still be forwarded to the default authentication modules, as there are none uToken users defined.
You can change this by editing the /etc/utoken/classes file. It contains instructions how to do this.
The very last thing to do is to install the uToken Java application on your mobile phone and fill in your configuration data.
07) CHANGE LOG
1.1.0:
- pam_utoken rewritten in C instead of C++
- logon limit feature added
- uToken PHP library added
- minor changes to uToken Java application
- some bug fixes
1.0.0:
- first release
08) TO DO
- add a configuration tool, so that users can edit their classes, change passwords, etc.