OTPlient: Yemahara TOTP uye HOTP tokeni maneja ine yakavakirwa-mukati encryption

OTPlient: Yemahara TOTP uye HOTP tokeni maneja ine yakavakirwa-mukati encryption

Mukutanga kwegore, takaita chinyorwa chikuru chine chekuita nedingindira re Kuchengetedzwa kweruzivo. Kunyanya kunyanya panyaya yekushandiswa kwe 2FA tekinoroji, inozivikanwa zviri nani muchiSpanish, se "Double Authentication Factor" o "Zvinhu zviviri-chokwadi". Uye zvakare pane maitiro ekuisa proprietary application inonzi Google Authenticator uye Twilio Auth, uchishandisa graphical application inonzi GNOME software. Tichiri nhasi, tichaongorora runhare rwemahara uye rwakavhurika "OTPClient".

iyo isiri chinhu chinopfuura a GTK+ application yekugadzirisa TOTP uye HOTP tokeni ine yakavakirwa-mukati encryption, ndiko kuti, kubata maviri-factor authentication, inotsigira ese ari maviri nguva-based one-time passwords (TOTP), se HMAC-based one-time passwords (HOTP).

2FA paLinux: Maitiro ekuisa Google Authenticator uye Twilio Authy?

Uye semazuva ese, tisati tapinda mumusoro wanhasi nezve application "OTPClient", uye kunyanya pa shanduro iripo "2.4.9.1" inowanikwa mune flatpak fomati, isu tichasiira kune avo vanofarira zvinotevera zvinongedzo kune mamwe apfuura ane hukama mameseji. Nenzira yekuti vanogona kuzviongorora zviri nyore, kana zvichidikanwa, mushure mekupedza kuverenga bhuku iri:

"Tekinoroji ye "2FA", inozivikanwa muchiSpanish se "Double Factor Authentication" kana "Two-Factor Authentication", inzira yekudzivirira yakanakisa, sezvo ichiisa imwezve nhanho yekusimbisa mumabasa edu. Uye kushandisa tekinoroji iyi, kune akawanda maapplication akadai seGoogle Authenticator uye Twilio Authy. Izvo, pano tichaona maitiro ekuamisa paGNU/Linux". 2FA paLinux: Maitiro ekuisa Google Authenticator uye Twilio Authy?

Nyaya inoenderana:

Google ichagonesa maviri-chinhu chechokwadi nekusarudzika kwemunhu wese

Nyaya inoenderana:

Google iri kushanda pachinhu chitsva chemvumo che2FA icho chichange chakavakirwa paQR

OTPClient: GTK+ Software for Two-Factor Authentication

Chii chinonzi OTPClient?

Zvinoenderana nevagadziri vayo, mune yayo yepamutemo webhusaiti paGitHub, inotsanangurwa muchidimbu seinotevera:

"Iyo mutengi weOTP yakanyorwa muC/GTK, inotsigira TOTP neHOTP. Naizvozvo, yakachengeteka zvakanyanya uye iri nyore kushandisa kune mbiri-chinhu chechokwadi, inotsigira ese ari maviri-akavakirwa-nguva-imwe-pasiwedhi (TOTP) uye HMAC-yakavakirwa-imwe-nguva mapassword (HOTP).".

Ipo, mune yake webhusaiti yepamutemo paFlatHub, itsanangure zvakanyanya sezvizvi:

"Zviri nyore kushandisa GTK application kubata zvakachengeteka TOTP uye HOTP tokeni. Mariri, zvirimo zvakavharirwa padhisiki uchishandisa AES256-GCM uye master password inowanikwa uchishandisa PBKDF2 ine 100k iterations uye SHA512 seye hash algorithm. Zvakare, inobvumira kupinza / kutumira kunze ma backups kubva/kuOTP, uye kuendesa ma backups kubva kuAuthenticator+ app.".

Zviratidzo

Parizvino, mamwe ake akatanhamara maficha Ndizvo:

1. Tsigira kugadzwa kwedhijiti (pakati pe4 negumi inosanganisirwa).
2. Inokutendera iwe kuseta nguva yetsika (pakati pegumi negumi nemakumi maviri masekonzi inosanganisirwa).
3. Iyo database yemuno yakavharidzirwa neAES256-GCM.
4. Kiyi inowanikwa uchishandisa PBKDF2 ine SHA512 uye 100k iterations.
5. Iyo decrypted faira haina kumbochengetwa (uye tinovimba haina kumbochinjika) kune disk.
6. Izvo zvakadhindwa zvemukati zvinogara mu "yakachengeteka ndangariro" buffer yakagoverwa naGcrypt.
7. Inosanganisira tsigiro yezvose TOTP uye HOTP; SHA1, SHA256 uye SHA512 algorithm rutsigiro; uye rutsigiro rweSteam makodhi.
8. Inokutendera kuti utore kunze kwakavanzika backup makopi eAuthenticator Plus; pinza uye kutumira kunze kwakavanzika uye/kana nyore uye OTP backups; pinza uye kutumira kunze mbishi FreeOTPPlus backups (chete mukiyi URI fomati); uye pinza uye kutumira kunze kweiyo Aegis backup (json fomati chete).

Ongororo yeApp

Usati watanga ongororo yechikumbiro ichi, zvakakosha kuziva kuti ichaedzwa pa Pindura akadanwa MiracleOS 3.0 MX-NG-22.01 maererano MX-21 (Debian-11) pamwe neXFCE uye izvo zvatakaongorora munguva pfupi yapfuura pano.

Dhawunirodha uye Kuisa

Kune yako download uye dzishandise takaita zvinotevera kuraira nekukurumidza mune terminal (console), sezvinoratidzwa pasi apa:

«sudo flatpak install flathub com.github.paolostivanin.OTPClient»

Kuita uye kuongorora

Kana yangoiswa, tinogona kuitanga nekuiongorora, sezvinoratidzwa pazasi:

Kuti uwane rumwe ruzivo nezve "OTPClient", unogona kutsvaga zvinotevera zvinongedzo:

• Debian mapakeji
• Alternative To / Open Source
• GitHub / Wiki / Mushandisi Manual

Resumen

Muchidimbu, tinovimba kuti gwara iri kana dzidziso ye isa "OTPClient", kuisa yayo yazvino vhezheni inowanikwa kuburikidza ne Flatpak package maneja, shandisa zvakanyanya kune vakawanda, kunyanya avo vanoda kuwana zvakakosha online applications nemasevhisi, kuburikidza zvinhu zviviri chokwadi, zvakawandisa nguva-based one-time passwords (TOTP), se HMAC-based one-time passwords (HOTP).

Tinovimba kuti chinyorwa ichi chinobatsira zvikuru kune vese «Comunidad de Software Libre, Código Abierto y GNU/Linux». Uye usakanganwe kutaura pazviri pazasi, uye ugovane nevamwe pamawebhusaiti ako aunofarira, chiteshi, mapoka kana nharaunda dzesocial network kana mameseji masisitimu. Pakupedzisira, shanyira peji yedu yekumba pa «DesdeLinux» kuongorora dzimwe nhau, uye kujoina yedu yepamutemo chiteshi Teregiramu ye DesdeLinux.