I-OTPClient: I-TOTP yasimahla kunye nomphathi wethokheni ye-HOTP enofihlo olwakhelwe ngaphakathi

I-OTPClient: I-TOTP yasimahla kunye nomphathi wethokheni ye-HOTP enofihlo olwakhelwe ngaphakathi

Ekuqaleni konyaka, senze upapasho olukhulu olunxulumene nomxholo othi Ukhuseleko lolwazi. Ngokuthe ngqo kumbandela wokusetyenziswa kwe Itekhnoloji ye-2FA, eyaziwa ngakumbi ngeSpanish, njenge "Izinto eziNgqiniseka kabini" o "Uqinisekiso lwezinto ezimbini". Kwaye nakwindlela yokufaka izicelo zobunini ezibizwa IsiQinisekiso sikaGoogle kunye neTwilio Auth, usebenzisa inkqubo yomzobo ebizwa Isoftware yeGNOME. Ngelixa namhlanje, siza kuphonononga umnxeba wasimahla novulekileyo "OTPClient".

engeyonto ngaphandle kwe-a Isicelo se-GTK+ sokulawula iithokheni ze-TOTP kunye ne-HOTP ngofihlo olwakhelwe ngaphakathi, oko kukuthi, ukuphatha uqinisekiso lwezinto ezimbini, ukuxhasa zombini ixesha-based passwords yexesha elinye (TOTP), njengoko I-HMAC-based passwords yexesha elinye (HOTP).

I-2FA kwiLinux: Uyifaka njani iMqinisekiso kaGoogle kunye neTwilio Authy?

Kwaye njengesiqhelo, ngaphambi kokungena kwisihloko sanamhlanje malunga nesicelo "OTPClient", kwaye ngakumbi ngakumbi kwi inguqulelo ekhoyo "2.4.9.1" ifumaneka ngefomathi ye-flatpak, siya kushiya abo banomdla amakhonkco alandelayo kwezinye izithuba ezinxulumene nangaphambili. Ngendlela yokuba banokuziphonononga ngokulula, ukuba kuyimfuneko, emva kokugqiba le mpapasho:

"Itekhnoloji ye "2FA", eyaziwa ngcono ngeSpanish njenge "Double Factor Authentication" okanye "Ukuqinisekiswa kwezinto ezimbini", yindlela ebalaseleyo yokukhusela, kuba isebenzisa enye ingqimba yokuqinisekisa kwimisebenzi yethu. Kwaye ukusebenzisa le teknoloji, zininzi ii-apps ezifana ne-Google Authenticator kunye ne-Twilio Authy. Yiyiphi, apha siza kubona indlela yokuzifaka kwi-GNU/Linux". I-2FA kwiLinux: Uyifaka njani iMqinisekiso kaGoogle kunye neTwilio Authy?

Inqaku elidibeneyo:

UGoogle uya kwenza ukuba uqinisekiso lwezinto ezimbini lube lolungagqibekanga kuye wonke umntu

Inqaku elidibeneyo:

UGoogle usebenza kwinto entsha yogunyaziso ye-2FA eya kusekelwa kwi-QR

I-OTPClient: I-GTK+ iSoftware yoQinisekiso lweeFactor ezimbini

Yintoni i-OTPClient?

Ngokutsho kwabaphuhlisi bayo, kuyo iwebhusayithi esemthethweni kwiGitHub, ichazwe ngokufutshane ngolu hlobo lulandelayo:

"Ngumthengi we-OTP obhalwe kwi-C/GTK, exhasa zombini i-TOTP kunye ne-HOTP. Ke ngoko, ikhuseleke kakhulu kwaye kulula ukuyisebenzisela ukuqinisekiswa kwezinto ezimbini, ixhasa zombini iipassword zexesha elinye (TOTP) kunye ne-HMAC-based one-time passwords (HOTP).".

Ngelixa, kwifayile yakhe iwebhusayithi esemthethweni kwi-FlatHub, yichaze ngokubanzi ngolu hlobo lulandelayo:

"Kulula ukusebenzisa usetyenziso lwe-GTK ukulawula ngokukhuselekileyo i-TOTP kunye neethokheni ze-HOTP. Kuyo, umxholo ubhalwe ngekhowudi kwidiski usebenzisa i-AES256-GCM kwaye igama eliyimfihlo lifunyenwe kusetyenziswa i-PBKDF2 nge-100k iterations kunye ne-SHA512 njenge-algorithm ye-hash. Kwakhona, ivumela ukungenisa/ukuthunyelwa ngaphandle kwe-backups ukusuka/ukuya kwi-OTP, kunye nokungenisa ii-backups kwi-Authenticator+ app.".

Izixhobo

Okwangoku, ezinye zakhe ezona zinto zibalaseleyo Zizo:

1. Inkxaso yokumisela idijithi yesiko (phakathi kwe-4 kunye ne-10 edibeneyo).
2. Ikuvumela ukuba usete ixesha elimiselweyo (phakathi kwe-10 kunye ne-120 imizuzwana ehlanganisiwe).
3. Isiseko sedatha sasekhaya sifihliwe nge-AES256-GCM.
4. Isitshixo sifunyenwe kusetyenziswa i-PBKDF2 nge-SHA512 kunye ne-100k iterations.
5. Ifayile ekhutshiweyo ayigcinwanga (kwaye ngethemba ukuba ayisayi kutshintshwa) kwidisk.
6. Umxholo okhutshelweyo uhlala "kwinkumbulo ekhuselekileyo" egcinwe nguGcrypt.
7. Ibandakanya inkxaso yazo zombini i-TOTP kunye ne-HOTP; I-SHA1, SHA256 kunye ne-SHA512 inkxaso ye-algorithm; kunye nenkxaso yeekhowudi zeSteam.
8. Ikuvumela ukuba ungenise iikopi ezigcinwayo ezifihliweyo zeAuthenticator Plus; ngenisa kwaye uthumele ngaphandle kunye/okanye ii-backups ezilula kunye ne-OTP; ngenisa kwaye uthumele ngaphandle ii-backups ze-FreeOTPPlus ekrwada (kuphela kwifomathi engundoqo ye-URI); kwaye ungenise kwaye uthumele ngaphandle i-backup ye-Aegis (ifomati ye-json kuphela).

Uphengululo lwesicelo

Ngaphambi kokuqala ukuphononongwa kwesi sicelo, kuyafaneleka ukuba uqaphele ukuba kuya kuvavanywa kwi Phendula kubizwa MilagroOS 3.0 MX-NG-22.01 esekwe MX-21 (Debian-11) kunye neXFCE kunye nesandula ukuphonononga apha.

Khuphela uze ufake

Yeyakho khuphela kwaye ufake senze oku kulandelayo umyalelo okhawulezayo kwi-terminal (console), njengoko kubonisiwe ngezantsi:

«sudo flatpak install flathub com.github.paolostivanin.OTPClient»

Ukwenziwa kunye nokuhlola

Nje ukuba ifakwe, sinokuyiqala kwaye siyiphonononge, njengoko kubonisiwe ngezantsi:

Ngolwazi oluthe kratya kwi "OTPClient", ungahlola ezi zinto zilandelayo:

• Iiphakheji zeDebian
• Enye indlela yokuya / kuMthombo oVulekileyo
• GitHub / Wiki / Incwadi yomsebenzisi

Isishwankathelo

Ngamafutshane, sinethemba lokuba esi sikhokelo okanye isifundo faka "OTPClient", ifaka inguqulelo yayo yamva nje ekhoyo nge Umphathi wephakheji yePlppak, ibe lusetyenziso olukhulu kwabaninzi, ngakumbi abo bafuna ukufikelela kwizicelo ezibalulekileyo ze-intanethi kunye neenkonzo, ngokusebenzisa Izinto ezimbini ezingqinisisiweyo, kakhulu ixesha-based passwords yexesha elinye (TOTP), njengoko I-HMAC-based passwords yexesha elinye (HOTP).

Siyathemba ukuba olu papasho luluncedo kakhulu kumntu wonke «Comunidad de Software Libre, Código Abierto y GNU/Linux». Kwaye ungalibali ukuphawula ngayo apha ngezantsi, kwaye wabelane ngayo nabanye kwiiwebhusayithi zakho ozithandayo, amajelo, amaqela okanye uluntu lwenethiwekhi yoluntu okanye iinkqubo zemiyalezo. Ekugqibeleni, tyelela iphepha lethu lasekhaya ku «DesdeLinux» ukuphonononga ezinye iindaba, kwaye ujoyine ijelo lethu elisemthethweni ITelegram ye DesdeLinux.