Hi Matthew, * Matthew Johnson <debian@matthew.ath.cx> [2007-03-14 16:50]: > Dear mentors, I am looking for a sponsor for my package otpw. > > Package name : otpw > Version : 1.3 > Upstream Author : Markus Kuhn > * URL : http://www.cl.cam.ac.uk/~mgk25/download/otpw-1.3.tar.gz > * License : GPL2 > Description : A One-time password system for PAM-compatible login programs. > > The OTPW package consists of the one-time-password generator otpw-gen > plus two verification routines otpw_prepare() and otpw_verify() that can > easily be added to programs such as login or ftpd on POSIX systems. For > platforms that support the Pluggable Authentication Method (PAM) > interface, a suitable wrapper is included as well. Login software > extended this way will allow reasonably secure user authentication over > insecure network lines. The user carries a password list on paper. The > scheme is designed to be robust against theft of the paper list and > race-for-the-last-letter attacks. Cryptographic hash values of the > one-time passwords are stored for verification in the user???s home > directory. [...] From what you describe here I am not sure how this program differ from libpam-opie, opie-client and opie-server which are already in Debian. What are the differences? Kind regards Nico -- Nico Golde - http://www.ngolde.de JAB: nion@jabber.ccc.de - GPG: 0x73647CFF Forget about that mouse with 3/4/5 buttons, gimme a keyboard with 103/104/105 keys!
Attachment:
pgpvM1YmeslMz.pgp
Description: PGP signature