A Linux distribution is an operating system made from a software collection that includes the Linux kernel and often a package management system. Linux users usually obtain their operating system by downloading one of the Linux distributions, which are available for a wide variety of systems ranging from embedded devices and personal computers to powerful supercomputers.
An authenticator is a means used to confirm a user's identity, that is, to perform digital authentication. A person authenticates to a computer system or application by demonstrating that he or she has possession and control of an authenticator. In the simplest case, the authenticator is a common password.
RSA SecurID, formerly referred to as SecurID, is a mechanism developed by RSA for performing two-factor authentication for a user to a network resource.
Red Hat Enterprise Linux (RHEL) is a commercial open-source Linux distribution developed by Red Hat for the commercial market. Red Hat Enterprise Linux is released in server versions for x86-64, Power ISA, ARM64, and IBM Z and a desktop version for x86-64. Fedora Linux and CentOS Stream serve as its upstream sources. All of Red Hat's official support and training, together with the Red Hat Certification Program, focuses on the Red Hat Enterprise Linux platform.
OpenVPN is a virtual private network (VPN) system that implements techniques to create secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. It implements both client and server applications.
A one-time password (OTP), also known as a one-time PIN, one-time authorization code (OTAC) or dynamic password, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid several shortcomings that are associated with traditional (static) password-based authentication; a number of implementations also incorporate two-factor authentication by ensuring that the one-time password requires access to something a person has as well as something a person knows.
A security token is a peripheral device used to gain access to an electronically restricted resource. The token is used in addition to, or in place of, a password. Examples of security tokens include wireless keycards used to open locked doors, a banking token used as a digital authenticator for signing in to online banking, or signing a transaction such as a wire transfer.
HMAC-based one-time password (HOTP) is a one-time password (OTP) algorithm based on HMAC. It is a cornerstone of the Initiative for Open Authentication (OATH).
This is a comparison of notable free and open-source configuration management software, suitable for tasks like server configuration, orchestration and infrastructure as code typically performed by a system administrator.
FreeIPA is a free and open source identity management system. FreeIPA is the upstream open-source project for Red Hat Identity Management.
Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism. MFA protects personal data—which may include personal identification or financial assets—from being accessed by an unauthorized third party that may have been able to discover, for example, a single password.
The Transport Layer Security (TLS) protocol provides the ability to secure communications across or inside networks. This comparison of TLS implementations compares several of the most notable libraries. There are several TLS implementations which are free software and open source.
Google Authenticator is a software-based authenticator by Google. It implements multi-factor authentication services using the time-based one-time password and HMAC-based one-time password, for authenticating users of software applications.
LinOTP is Linux-based software to manage authentication devices for two-factor authentication with one time passwords. It is implemented as a web service based on the python framework Pylons. Thus it requires a web server to run in.
multiOTP is an open source PHP class, a command line tool, and a web interface that can be used to provide an operating-system-independent, strong authentication system. multiOTP is OATH-certified since version 4.1.0 and is developed under the LGPL license. Starting with version 4.3.2.5, multiOTP open source is also available as a virtual appliance—as a standard OVA file, a customized OVA file with open-vm-tools, and also as a virtual machine downloadable file that can run on Microsoft's Hyper-V, a common native hypervisor in Windows computers.
The YubiKey is a hardware authentication device manufactured by Yubico to protect access to computers, networks, and online services that supports one-time passwords (OTP), public-key cryptography, and authentication, and the Universal 2nd Factor (U2F) and FIDO2 protocols developed by the FIDO Alliance. It allows users to securely log into their accounts by emitting one-time passwords or using a FIDO-based public/private key pair generated by the device. YubiKey also allows storing static passwords for use at sites that do not support one-time passwords. Google, Amazon, Microsoft, Twitter, and Facebook use YubiKey devices to secure employee accounts as well as end-user accounts. Some password managers support YubiKey. Yubico also manufactures the Security Key, a similar lower-cost device with only FIDO2/WebAuthn and FIDO/U2F support.
Keycloak is an open source software product to allow single sign-on with identity and access management aimed at modern applications and services. As of March 2018 this WildFly community project is under the stewardship of Red Hat who use it as the upstream project for their Red Hat build of Keycloak.
Element is a free and open-source software instant messaging client implementing the Matrix protocol.
The following is a general comparison of OTP applications that are used to generate one-time passwords for two-factor authentication (2FA) systems using the time-based one-time password (TOTP) or the HMAC-based one-time password (HOTP) algorithms.
