I-OTPClient: I-TOTP yamahhala kanye nomphathi wethokheni ye-HOTP enombhalo oyimfihlo owakhelwe ngaphakathi

I-OTPClient: I-TOTP yamahhala kanye nomphathi wethokheni ye-HOTP enombhalo oyimfihlo owakhelwe ngaphakathi

I-OTPClient: I-TOTP yamahhala kanye nomphathi wethokheni ye-HOTP enombhalo oyimfihlo owakhelwe ngaphakathi

Ekuqaleni konyaka, senze incwadi enhle ehlobene nendikimba ethi Ukuphepha kolwazi. Ngokuqondile kakhulu endabeni yokusetshenziswa kwe Ubuchwepheshe be-2FA, eyaziwa kangcono ngeSpanishi, ngokuthi "I-Double Authentication Factor" o "Ukuqinisekiswa kwezinto ezimbili". Futhi mayelana nendlela yokufaka izicelo zobunikazi ezibizwa I-Google Authenticator kanye ne-Twilio Auth, kusetshenziswa uhlelo lokusebenza lokuqhafaza olubizwa Isoftware ye-GNOME. Ngenkathi namuhla, sizohlola ikholi yamahhala nevulekile "OTPClient".

okungeyona into engaphezu kuka-a Uhlelo lokusebenza lwe-GTK+ lokuphatha amathokheni e-TOTP nawe-HOTP ngokubethela okwakhelwe ngaphakathi, okungukuthi, ukuphatha ukuqinisekiswa kwezinto ezimbili, okusekela kokubili amaphasiwedi esikhathi esisodwa asuselwa kusikhathi (TOTP), njenge Amaphasiwedi esikhathi esisodwa asuselwa ku-HMAC (HOTP).

I-2FA ku-Linux: Ungayifaka kanjani i-Google Authenticator ne-Twilio Authy?

I-2FA ku-Linux: Ungayifaka kanjani i-Google Authenticator ne-Twilio Authy?

Futhi njengenjwayelo, ngaphambi kokungena esihlokweni sanamuhla mayelana nesicelo "OTPClient", futhi ikakhulukazi ku- inguqulo etholakalayo "2.4.9.1" itholakala ngefomethi ye-flatpak, sizoshiyela labo abathanda izixhumanisi ezilandelayo zokuthunyelwe okuhlobene kwangaphambilini. Ngendlela yokuthi bangazihlola kalula, uma kunesidingo, ngemva kokuqeda ukufunda le ncwadi:

"Ubuchwepheshe be-“2FA”, okwaziwa kangcono nge-Spanish ngokuthi “Double Factor Authentication” noma “Two-Factor Authentication”, buyindlela yokuvikela enhle kakhulu, njengoba busebenzisa isendlalelo esisodwa sokuqinisekisa emisebenzini yethu. Futhi ukusebenzisa lobu buchwepheshe, kunezinhlelo zokusebenza eziningi ezifana ne-Google Authenticator ne-Twilio Authy. Okungukuthi, lapha sizobona ukuthi ungawafaka kanjani ku-GNU/Linux". I-2FA ku-Linux: Ungayifaka kanjani i-Google Authenticator ne-Twilio Authy?

2FA
I-athikili ehlobene:
I-Google izonika amandla ukuqinisekiswa kwezinto ezimbili ngokuzenzakalela kuwo wonke umuntu
I-2fa
I-athikili ehlobene:
I-Google isebenzela isici esisha sokugunyazwa se-2FA esizosekelwe ku-QR

I-OTPClient: Isofthiwe ye-GTK+ yokuqinisekisa izinto ezimbili

I-OTPClient: Isofthiwe ye-GTK+ yokuqinisekisa izinto ezimbili

Yini i-OTPClient?

Ngokuya ngonjiniyela bayo, ku- iwebhusayithi esemthethweni ku-GitHub, ichazwe kafushane ngale ndlela elandelayo:

"Kuyiklayenti le-OTP elibhalwe nge-C/GTK, esekela kokubili i-TOTP ne-HOTP. Ngakho-ke, ivikeleke kakhulu futhi kulula ukuyisebenzisela ukuqinisekiswa kwezinto ezimbili, isekela kokubili amaphasiwedi esikhathi esisodwa (TOTP) kanye namaphasiwedi esikhathi esisodwa asuselwa ku-HMAC (HOTP).".

Ngenkathi, ku iwebhusayithi esemthethweni ku-FlatHub, ichaze kabanzi ngale ndlela elandelayo:

"Kulula ukusebenzisa uhlelo lokusebenza lwe-GTK ukuphatha ngokuphephile amathokheni e-TOTP nawe-HOTP. Kuyo, okuqukethwe kubethelwe kudiski kusetshenziswa i-AES256-GCM futhi igama-mfihlo eliyinhloko litholwa kusetshenziswa i-PBKDF2 eneziphindaphindo ezingu-100k kanye ne-SHA512 njenge-algorithm ye-hashi. Futhi, ivumela ukungenisa/ukukhipha izipele kusuka/kuya ku-OTP, nokungenisa izipele kusukela kuhlelo lokusebenza lwe-Authenticator+.".

Izici

Njengamanje, ezinye zazo izici ezivelele kakhulu Yilezi:

  1. Sekela ukulungiselelwa kwedijithi yangokwezifiso (phakathi kuka-4 no-10 kanye).
  2. Ikuvumela ukuthi usethe isikhathi sangokwezifiso (phakathi kwamasekhondi angu-10 no-120).
  3. Isizindalwazi sendawo sibethelwe nge-AES256-GCM.
  4. Ukhiye utholwa kusetshenziswa i-PBKDF2 ene-SHA512 nokuphindaphinda okungu-100k.
  5. Ifayela elisuswe ukubethela alilokothi lilondolozwe (futhi ngethemba ukuthi alilokothi lishintshwe) kudiski.
  6. Okuqukethwe okususwe ukubethela kuhlala "kumemori evikelekile" enikezwe i-Gcrypt.
  7. Kufaka phakathi ukwesekwa kwakho kokubili i-TOTP ne-HOTP; Ukusekelwa kwe-algorithm ye-SHA1, SHA256 ne-SHA512; nokusekelwa kwamakhodi eSteam.
  8. Ikuvumela ukuthi ungenise amakhophi ayisipele abethelwe e-Authenticator Plus; ukungenisa nokuthekelisa okubethelwe kanye/noma okulula kanye nezipele ze-OTP; ngenisa futhi uthumele izipele ze-FreeOTPPlus ezingavuthiwe (kuphela ngefomethi engukhiye ye-URI); futhi ungenise futhi ukhiphe isipele se-Aegis eluhlaza (ifomethi ye-json kuphela).

Ukubuyekezwa kohlelo lokusebenza

Ngaphambi kokuqala ukubuyekezwa kwalolu hlelo lokusebenza, kufanelekile ukuqaphela ukuthi luzohlolwa ku- Phendula kubizwa I-MilagrOS 3.0 MX-NG-22.01 kusekelwe I-MX-21 (Debian-11) nge-XFCE nokuthi sisanda kuhlola lapha.

Landa futhi ufake

Okwakho landa bese ufaka senze okulandelayo umyalo wokuthumela kutheminali (console), njengoba kukhonjisiwe ngezansi:

«sudo flatpak install flathub com.github.paolostivanin.OTPClient»

I-OTPClient: Isithombe-skrini 1

Ukwenza nokuhlola

Uma isifakiwe, singayiqala futhi siyihlole, njengoba kukhonjisiwe ngezansi:

I-OTPClient: Isithombe-skrini 2

I-OTPClient: Isithombe-skrini 3

I-OTPClient: Isithombe-skrini 4

I-OTPClient: Isithombe-skrini 5

I-OTPClient: Isithombe-skrini 6

I-OTPClient: Isithombe-skrini 7

I-OTPClient: Isithombe-skrini 8

I-OTPClient: Isithombe-skrini 9

I-OTPClient: Isithombe-skrini 10

I-OTPClient: Isithombe-skrini 11

Ngeminye imininingwane nge "OTPClient", ungahlola izixhumanisi ezilandelayo:

Umjikelezo: Okuthunyelwe kwesibhengezo sango-2021

Isifingqo

Kafushane, sithemba ukuthi lo mhlahlandlela noma okokufundisa faka "OTPClient", ifaka inguqulo yayo yakamuva etholakala nge- Umphathi wephakethe leFlppak, kube usizo olukhulu kwabaningi, ikakhulukazi labo abadinga ukufinyelela izinhlelo zokusebenza ezibalulekile ze-inthanethi namasevisi, ngokusebenzisa izinto ezimbili zokufakazela ubuqiniso, kakhulu amaphasiwedi esikhathi esisodwa asuselwa kusikhathi (TOTP), njenge Amaphasiwedi esikhathi esisodwa asuselwa ku-HMAC (HOTP).

Siyethemba ukuthi lolu shicilelo luwusizo olukhulu kubo bonke «Comunidad de Software Libre, Código Abierto y GNU/Linux». Futhi ungakhohlwa ukuphawula ngakho ngezansi, futhi wabelane ngakho nabanye kumawebhusayithi ayizintandokazi zakho, iziteshi, amaqembu noma imiphakathi yezokuxhumana nabantu noma izinhlelo zemiyalezo. Ekugcineni, vakashela ikhasi lethu lasekhaya ku «DesdeLinux» ukuhlola ezinye izindaba, bese ujoyina isiteshi sethu esisemthethweni se- I-Telegram ye DesdeLinux.


Yiba ngowokuqala ukuphawula

Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.