A USB dongle for one-time passwords

Conclusion

The benefits of OpenKubus include portability and the ability to customize hardware without breaking the bank. The drawback is that the stick and all the servers need to synchronize the serial number. If you need to authenticate against multiple servers, you will need a central server. Tools for managing OpenKubus in larger environments with large numbers of users are still rudimentary.

OpenKubus will not protect you against man-in-the-middle attacks [8]. The service you are calling has to demonstrate authenticity separately. However, the project is an exciting platform for any administrator interested in experimenting.

Infos

  1. "One-Time Passwords" by Udo Seidel, Linux Magazine, November 2008, pg. 22
  2. USBprog wiring diagram: http://www.embedded-projects.net/usbprog
  3. Shop for OpenKubus hardware: http://shop.embedded-projects.net
  4. OpenKubus: http://code.google.com/p/openkubus (in German)
  5. Installation notes on AVR-GCC: http://www.nongnu.org/avr-libc/user-manual/install_tools.html
  6. PAM configuration syntax: http://kernel.org/pub/linux/libs/pam/Linux-PAM-html/sag-configuration-file.html
  7. Wrapper Generator SWIG: http://www.swig.org/
  8. Man-in-the-middle attacks: http://en.wikipedia.org/wiki/Man-in-the-middle_attack

The Author

Benedikt Sauter and Michael Hartmann are both interested in open source and hardware tinkering. The authors both work on customizing embedded devices for the OpenKubus project.

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • One-Time Passwords

    A one-time password won't compromise security if it falls in the wrong hands. OPIE and OTPW bring the safety of one-time password security to Linux.

  • Password Management Services Vulnerable to Attack

    Should you trust an online service to store your online passwords?

  • Ask Klaus!

    Klaus Knopper is the creator of Knoppix and co-founder of the LinuxTag expo. He currently works as a teacher, programmer, and consultant. If you have a configuration problem, or if you just want to learn more about how Linux works, send your questions to: klaus@linux-magazine.com

  • One-Time Passwords on the Web

    Add security to your website with a one-time password system.

  • IEEE 802.1X

    Did you think the IEEE 802.1X standard is only for wireless? We show you how to set up a network access control system on a wired network with IEEE 802.1X and a FreeRADIUS server.

comments powered by Disqus

Direct Download

Read full article as PDF:

News

njobs Europe
What:
Where:
Country:
Njobs Netherlands Njobs Deutschland Njobs United Kingdom Njobs Italia Njobs France Njobs Espana Njobs Poland
Njobs Austria Njobs Denmark Njobs Belgium Njobs Czech Republic Njobs Mexico Njobs India Njobs Colombia