Bug 302095 - sys-auth/otpasswd One-time Passwords Authentication System (new package)
Summary: sys-auth/otpasswd One-time Passwords Authentication System (new package)
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: All Linux
: High normal (vote)
Assignee: Default Assignee for New Packages
URL: https://savannah.nongnu.org/projects/...
Whiteboard:
Keywords:
: 292452 (view as bug list)
Depends on:
Blocks:
 
Reported: 2010-01-24 20:05 UTC by Tomasz bla Fortuna
Modified: 2010-01-24 20:42 UTC
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments
Ebuild for RC1 (otpasswd-0.5_rc1.ebuild,1.67 KB, text/plain)
2010-01-24 20:09 UTC, Tomasz bla Fortuna
Details

Description Tomasz bla Fortuna 2010-01-24 20:05:37 UTC
I. Why
I'd like this ebuild included in portage/overlay because there's no similar software available currently. I know of three other systems like this one:
- otpw
- opie (kind of outdated but popular)
- pam-ppp (software on which otpasswd ideas are based)
- pam_sotp (this one is in sunrise; its development looks suspended)

But I guess all are inferior to OTPasswd currently.

II. What
The idea for all of them is similar; the software consists of some utility to manage "user state" and a PAM module to perform authentication. After installation/configuration, each time you have to log in with SSH you're asked for your normal password and a one-time pad. Even if your client session is keylogged, the attacker won't have enough information to log in himself.

One-time pads can be kept on printed paper cards or received via out-of-band channel communication (I use SMS).

III. Details
Ebuild info:
Tested successfully on x86 and amd64. At first I tried to fix bugs of pam-ppp and add some features, but I quickly decided to drop it completely and write a similar system from scratch. This one, after two months of coding, is much more advanced and well-documented.

It needs tests but this can be helped by placing it in portage/overlay. ;)
Program was tested successfully also under FreeBSD.
Comment 1 Tomasz bla Fortuna 2010-01-24 20:09:11 UTC
Created attachment 217325
Ebuild for RC1

This ebuild installs the software in the most versatile way, but requiring suid-root. If this would make it harder for the ebuild to be used it might be removed. otpasswd can work without suid while keeping its state inside user home directories.
Comment 2 Tomasz bla Fortuna 2010-01-24 20:10:53 UTC
*** Bug 292452 has been marked as a duplicate of this bug. ***