LinOTP

LinOTP
Developer(s)	KeyIdentity GmbH
Initial release	March 1, 2010
Stable release	2.12.3 / April 7, 2021; 3 years ago
Preview release	3.0rc4 / March 18, 2021; 3 years ago
Repository	github.com/LinOTP/LinOTP
Written in	Python
Operating system	Linux
Available in	English, German
Type	OTP Authentication server
License	AGPLv3, GPLv2
Website	www.linotp.org

LinOTP is Linux-based software to manage authentication devices for two-factor authentication with one time passwords. It is implemented as a web service based on the python framework Pylons. Thus it requires a web server to run in.

LinOTP is mainly developed by the German company KeyIdentity GmbH. Its core components are licensed under the Affero General Public License.

It is an open source authentication server certified^[2] by the OATH initiative for open authentication for its 2.4 version.

Overview edit

As a web service, LinOTP provides a REST-like web API.^[3] All functions can be accessed via Pylons controllers. Responses are returned as a JSON object.

LinOTP is designed in a modular way, enabling user store modules and token modules. Thus, it is capable of supporting a wide range of different tokens.^[4]

Features edit

Supported tokens:^[5]

SafeNet eToken Pass
SafeNet Safeword Alpine
mOTP
Lost token
Paper token
Feitian C-100 (HOTP)
Feitian]] C-200 (TOTP)
Feitian C-300 (OCRA)
Feitian c601 (optical OCRA)
Authenex A-Key V 3.6
Yubico Yubikey
Gemalto Ezio Token
Smartdisplayer
NagraID 106/103
NagraID 306 (OCRA)
BR Token SafeSIGNATURE
LSE Simple Pass token
LSE Remote Token
LSE Radius Token
LSE Tagespasswort Token
Apps for iPhone and Android like the Google Authenticator
Any HOTP/ TOTP and OCRA Token

Yubikey mass enrollment via CLI
support for token databases like sqlite, mysql, postgresql, oracle, db2
management via web interface or command line client
Users stored in flat files
PAM module
SAML
OpenID
FreeRADIUS connection via rlm_perl
Selfservice
Import of XML Token files
Management functions:

enroll/assign tokens
synchronize, resynchronize, automatic resychronization
activate/deactivate/delete tokens
autoassignment
lost token scenario
find token by OTP value
get OTP value

Detailed Policies Definitions
Sophisticated Audit API
Multitenancy

Source Code edit

Being written in Python the program itself comes as the source code.

Project web site edit

lintop

References edit

^ ^a ^b "Releases · LinOTP/LinOTP". github.com. Retrieved 2021-04-14.
^ "OATH certified authentication server". Initiative for open authentication. Archived from the original on 28 May 2013. Retrieved 20 May 2013.
^ "LinOTP API". LinOTP. Retrieved 14 Nov 2013.
^ Proctor, W. Cyrus; Storm, Patrick; Hanlon, Matthew R.; Mendoza, Nathaniel (2017-11-12). "Securing HPC: Development of a low cost, open source multi-factor authentication infrastructure". Proceedings of the International Conference for High Performance Computing, Networking, Storage and Analysis. ACM. pp. 1–11. doi:10.1145/3126908.3126957. ISBN 978-1-4503-5114-0.
^ "LinOTP Features". LinOTP. Retrieved 20 May 2013.

[releases-1] "Releases · LinOTP/LinOTP". github.com. Retrieved 2021-04-14.

[2] "OATH certified authentication server". Initiative for open authentication. Archived from the original on 28 May 2013. Retrieved 20 May 2013.

[3] "LinOTP API". LinOTP. Retrieved 14 Nov 2013.

[4] Proctor, W. Cyrus; Storm, Patrick; Hanlon, Matthew R.; Mendoza, Nathaniel (2017-11-12). "Securing HPC: Development of a low cost, open source multi-factor authentication infrastructure". Proceedings of the International Conference for High Performance Computing, Networking, Storage and Analysis. ACM. pp. 1–11. doi:10.1145/3126908.3126957. ISBN 978-1-4503-5114-0.

[5] "LinOTP Features". LinOTP. Retrieved 20 May 2013.

[1]

[2]

[3]

[4]

[5]