AusweisApp
- Ebuilds: 2, Stable: 2.4.0, Testing: 2.4.1 Description: Official authentication app for German ID cards and residence permits
Homepage:https://www.ausweisapp.bund.de/ License: EUPL-1.2
munge
- Ebuilds: 1, Stable: 0.5.18, Testing: 0.5.18 Description: MUNGE (MUNGE Uid 'N' Gid Emporium) is an authentication service for creating
and validating credentials. It is designed to be highly scalable for use in
an HPC cluster environment. It allows a process to authenticate the UID and
GID of another local or remote process within a group of hosts having common
users and groups. These hosts form a security realm that is defined by a
shared cryptographic key. Clients within this security realm can create and
validate credentials without the use of root privileges, reserved ports, or
platform-specific methods.
Homepage:https://github.com/dun/munge License: GPL-3
nss-docker-ng
- Ebuilds: 2, Testing: 1.1.3 Description: NSS plugin for finding Docker containers by their ID or name
Homepage:https://github.com/petski/nss-docker-ng License: MIT Apache-2.0 LGPL-3 MIT MPL-2.0 Unicode-DFS-2016
nss-mdns
- Ebuilds: 2, Stable: 0.15.1, Testing: 9999, 0.15.1 Description: Name Service Switch module for Multicast DNS
Homepage:https://github.com/lathiat/nss-mdns License: GPL-2+
nss-myhostname
- Ebuilds: 1, Stable: 0.3-r1, Testing: 0.3-r1 Description:
nss-myhostname is a plugin for the GNU Name Service Switch (NSS) functionality
of the GNU C Library (glibc) providing host name resolution for the locally
configured system hostname as returned by gethostname(2). Various software
relies on an always resolvable local host name. When using dynamic hostnames
this is usually achieved by patching /etc/hosts at the same time as changing
the host name. This however is not ideal since it requires a writable /etc
file system and is fragile because the file might be edited by the
administrator at the same time. nss-myhostname simply returns all locally
configure public IP addresses, or -- if none are configured -- the IPv4
address 127.0.0.2 (wich is on the local loopback) and the IPv6 address ::1
(which is the local host) for whatever system hostname is configured locally.
Patching /etc/hosts is thus no longer necessary.
Homepage:https://0pointer.de/lennart/projects/nss-myhostname/ License: LGPL-2.1+
nss-pam-ldapd
- Ebuilds: 1, Stable: 0.9.13, Testing: 0.9.13 Description:
Provides a Name Service Switch (NSS) module that allows your LDAP
server to provide user account, group, host name, alias, netgroup, and
basically any other information that you would normally get from /etc
flat files or NIS. It also provides a Pluggable Authentication Module
(PAM) to do authentication to an LDAP server.
This is implemented using thin NSS and PAM modules which delegate to a
dedicated service (nslcd) that queries the LDAP server with persistent
connections, authentication, attribute translation, etc.
Homepage:https://arthurdejong.org/nss-pam-ldapd/ License: LGPL-2.1
pam_mount
- Ebuilds: 3, Stable: 2.22, Testing: 2.21 Description: A PAM module that can mount volumes for a user session
Homepage:https://inai.de/projects/pam_mount/ License: GPL-3
pam_smb
- Ebuilds: 1, Stable: 2.0.0_rc6-r3, Testing: 2.0.0_rc6-r3 Description: PAM module for authenticating against an SMB (such as the Win_x families) server
Homepage:http://www.csn.ul.ie/~airlied/pam_smb/ License: GPL-2
rtkit
- Ebuilds: 1, Stable: 0.14, Testing: 0.14 Description:
RealtimeKit is a DBus service that provides applications with an interface
to escalate their priority to realtime, without any special setup in
rlimits, etc.
Homepage:https://gitlab.freedesktop.org/pipewire/rtkit License: GPL-3 BSD
skey
- Ebuilds: 1, Stable: 1.1.5-r14, Testing: 1.1.5-r14 Description:
From RFC2289:
One form of attack on networked computing systems is eavesdropping on
network connections to obtain authentication information such as the
login IDs and passwords of legitimate users. Once this information is
captured, it can be used at a later time to gain access to the system.
One-time password systems are designed to counter this type of attack,
called a "replay attack."
The authentication system described in this document uses a secret
pass-phrase to generate a sequence of one-time (single use) passwords.
With this system, the user's secret pass-phrase never needs to cross the
network at any time such as during authentication or during pass-phrase
changes. Thus, it is not vulnerable to replay attacks. Added security
is provided by the property that no secret information need be stored on
any system, including the server being protected.
The OTP system protects against external passive attacks against the
authentication subsystem. It does not prevent a network eavesdropper from
gaining access to private information and does not provide protection
against either "social engineering" or active attacks.
Homepage:https://web.archive.org/web/20160710152027/http://www.openbsd.org:80/faq/faq8.html#SKey License: BSD MIT RSA BEER-WARE
solo1
- Ebuilds: 1, Stable: 0.1.1-r1, Testing: 0.1.1-r1 Description:
The command-line tool 'solo1' provided by this package can be used to reset
a SoloKeys Solo 1, set/change the PIN, generate credentials, interact
with the on-board TRNG, update the firmware, and more. See the output
of 'solo1 key --help' for more information.
Homepage:https://github.com/solokeys/solo1-cli License: Apache-2.0 MIT
ssh-import-id
- Ebuilds: 1, Stable: 5.11-r1, Testing: 5.11-r1 Description: Utility to securely retrieve an SSH public key and install it locally
Homepage:https://launchpad.net/ssh-import-id License: GPL-3
sssd
- Ebuilds: 3, Stable: 2.12.0-r2, Testing: 2.12.0-r2 Description: System Security Services Daemon provides access to identity and authentication
Homepage:https://github.com/SSSD/sssd
thinkfinger
- Ebuilds: 1, Testing: 0.3-r3 Description: Support for the UPEK/SGS Thomson fingerprint reader, common in Thinkpads
Homepage:http://thinkfinger.sourceforge.net/ License: GPL-2