#1027 - generalize OTP support for challenge/response style tokens

X2Go Bug report logs - #1027
generalize OTP support for challenge/response style tokens

Reported by: Tor Perkins <x2go34@noid.net>

Date: Thu, 14 Apr 2016 21:25:01 UTC

Severity: normal

Tags: patch, pending

Found in version 4.0.5.2

Fixed in version 4.0.5.2

Done: X2Go Release Manager <git-admin@x2go.org>

Bug is archived. No further changes may be made.

Received: (at submit) by bugs.x2go.org; 14 Apr 2016 21:22:59 +0000
From x2go34@noid.net  Thu Apr 14 23:22:58 2016
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
	ymir.das-netzwerkteam.de
X-Spam-Level: *
X-Spam-Status: No, score=1.9 required=3.0 tests=BAYES_50,DATE_IN_PAST_12_24,
	URIBL_BLOCKED autolearn=no version=3.3.2
Received: from localhost (localhost [127.0.0.1])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 059665DA9D
	for <submit@bugs.x2go.org>; Thu, 14 Apr 2016 23:22:58 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at ymir.das-netzwerkteam.de
Received: from ymir.das-netzwerkteam.de ([127.0.0.1])
	by localhost (ymir.das-netzwerkteam.de [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id ro-AsnghQLow for <submit@bugs.x2go.org>;
	Thu, 14 Apr 2016 23:22:51 +0200 (CEST)
X-Greylist: delayed 399 seconds by postgrey-1.34 at ymir.das-netzwerkteam.de; Thu, 14 Apr 2016 23:22:50 CEST
Received: from anoid.noid.net (anoid.noid.net [74.95.194.161])
	by ymir.das-netzwerkteam.de (Postfix) with ESMTP id 0508D5DA97
	for <submit@bugs.x2go.org>; Thu, 14 Apr 2016 23:22:50 +0200 (CEST)
Received: from anoid.noid.net (localhost.noid.net [127.0.0.1])
	by anoid.noid.net (GNU) with ESMTP id cecdaa61
	for <submit@bugs.x2go.org>;
	Thu, 14 Apr 2016 14:16:09 -0700 (PDT)
From: Tor Perkins <x2go34@noid.net>
Date: Wed, 13 Apr 2016 14:58:19 -0700
Subject: generalize OTP support for challenge/response style tokens
To: submit@bugs.x2go.org
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="------------1.7.2.5"
Message-ID: <20160414211604.088193AB405E@noid.net>
X-Mini-Diatribe: To fix America:
	1. Cut government in half
	2. Wait thirty years
	3. Repeat as necessary

[Message part 1 (text/plain, inline)]

Package: x2goclient Version: 4.0.5.2 Tags: patch Hello, I really like the new support for OTP (One Time Passwords). This patch adds support for ANSI X9.9 OTP tokens (and probably others too). These tokens look like tiny calculators. Here's a link to a typical example: http://www.safenet-inc.com/multi-factor-authentication/authenticators/one-time-password-otp/gold-challenge-response-token/ Here's a diagram of the "user experience" when using these tokens: http://www.safenet-inc.com/uploadedImages/images/products/data-protection/authentication-images/GOLD-challenge-response-diagram.png With this patch, if the SSH server sends a verification prompt to the X2Go client that contains the string "challenge", then the client will prompt the user for the verification code (as before), but this time it will show the user the actual content of the server's prompt. This enables the user to see what the "challenge" is. This is not a requirement for the time or event based algorithms currently supported. The X9.9 standard was very popular before the newer algorithms came along and there are many companies that use this style. Thanks for your consideration! X2Go rocks! - Tor

X2Go Developers <owner@bugs.x2go.org>. Last modified: Fri Apr 26 16:00:28 2024; Machine Name: ymir.das-netzwerkteam.de

X2Go Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

X2Go Bug report logs - #1027 generalize OTP support for challenge/response style tokens

X2Go Bug report logs - #1027
generalize OTP support for challenge/response style tokens