[X2Go-Dev] Bug#1027: generalize OTP support for challenge/response style tokens

Tor Perkins x2go34 at noid.net
Wed Apr 13 23:58:19 CEST 2016


Package: x2goclient
Version: 4.0.5.2
Tags: patch


Hello,

I really like the new support for OTP (One Time Passwords).

This patch adds support for ANSI X9.9 OTP tokens (and probably others too).
These tokens look like tiny calculators.  Here's a link to a typical example:

  http://www.safenet-inc.com/multi-factor-authentication/authenticators/one-time-password-otp/gold-challenge-response-token/

Here's a diagram of the "user experience" when using these tokens:

  http://www.safenet-inc.com/uploadedImages/images/products/data-protection/authentication-images/GOLD-challenge-response-diagram.png

With this patch, if the SSH server sends a verification prompt to the X2Go
client that contains the string "challenge", then the client will prompt the
user for the verification code (as before), but this time it will show the
user the actual content of the server's prompt.

This enables the user to see what the "challenge" is.  This is not a
requirement for the time or event based algorithms currently supported.

The X9.9 standard was very popular before the newer algorithms came along and
there are many companies that use this style.

Thanks for your consideration!  X2Go rocks!

- Tor


-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-generalize-OTP-support-for-challenge-response-style-.patch
Type: text/x-patch
Size: 5164 bytes
Desc: not available
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20160413/3caaf348/attachment.bin>


More information about the x2go-dev mailing list