[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kolab-users
Subject:    Re: One Time Passwords
From:       MTS Consult <info.mts.consult () gmail ! com>
Date:       2010-10-30 11:31:54
Message-ID: AANLkTi=hQHuLecw029NC3s3AM6d8QL1zQOTPiN_Daewk () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


I dont know of such a thing for any OS-Groupware.

We are currently in the brainstorming process of a safe/secure paranoid
implementation.

Secure Webauth with your own OpenID-Server (thats the key I think). Behind
the Login is a Java App that accesses OTP Tokens or Smartcards. The
Smartcard access with Java stuff is almost finished.

Also we like to take hushmail API and SpiderOAK as basis for true complete
encryption.

If there are programmers who like to help developing such a thing feel free
to get into touch.


2010/10/27 Michael <kolab983@der-he.de>

> Hi,
>
> I wonder if there's some way to have One Time Passwords for remote sign on
> to Kolab.
>
> Background: I'm using Kolab with Horde and Squirrelmail (I think it's much
> more comfortable for simple javascript-less email purposes) at my private
> Kolab Server. With my own PCs there's no Problem with logging in the common
> way: Username/Email+Password.
> But Horde and Squirrelmail are usable from any point at the World, as long
> as there's a Browser and a TCP/IP-Route to my Server. But I do not trust any
> other PCs where I'm not the Admin. So I would like to use One Time Passwords
> (Einmalkennwörter/Einmalpasswörter) for those purposes. This could be a
> simple list of TANs (Transaction authentication numbers or Passwords) or
> some complex password generator app. Doesn't matter. As long as there's no
> way for password replay attacks.
>
> It seems Cyrus SASL supports OTP, is this compatible with the way kolab
> stores login information? OpenLDAP?
>
> Is there anyone using Kolab in such a manner? I don't know where to start.
>
>
> Regards
> Michael
>
> _______________________________________________
> Kolab-users mailing list
> Kolab-users@kolab.org
> https://kolab.org/mailman/listinfo/kolab-users
>



-- 
Mit freundlichen Grüßen,
i.A. Markus Maiwald

Fon:       +31 629 50 70 65

Apple for Works - Linux for Network - Windows for Solitaire

[Attachment #5 (text/html)]

I dont know of such a thing for any OS-Groupware.<br><br>We are currently in the \
brainstorming process of a safe/secure paranoid implementation.<br><br>Secure  \
Webauth with your own OpenID-Server (thats the key I think). Behind the  Login is a \
Java App that accesses OTP Tokens or Smartcards. The  Smartcard access with Java \
stuff is almost finished.<br> <br>Also we like to take hushmail API and SpiderOAK as \
basis for true complete encryption.<br><br>If there are programmers who like to help \
developing such a thing feel free to get into touch.<br><br><br><div \
class="gmail_quote"> 2010/10/27 Michael <span dir="ltr">&lt;<a \
href="mailto:kolab983@der-he.de">kolab983@der-he.de</a>&gt;</span><br><blockquote \
class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, \
204, 204); padding-left: 1ex;"> Hi,<br>
<br>
I wonder if there&#39;s some way to have One Time Passwords for remote sign on to \
Kolab.<br> <br>
Background: I&#39;m using Kolab with Horde and Squirrelmail (I think it&#39;s much \
more comfortable for simple javascript-less email purposes) at my private Kolab \
Server. With my own PCs there&#39;s no Problem with logging in the common way: \
Username/Email+Password.<br>

But Horde and Squirrelmail are usable from any point at the World, as long as \
there&#39;s a Browser and a TCP/IP-Route to my Server. But I do not trust any other \
PCs where I&#39;m not the Admin. So I would like to use One Time Passwords \
(Einmalkennwörter/Einmalpasswörter) for those purposes. This could be a simple list \
of TANs (Transaction authentication numbers or Passwords) or some complex password \
generator app. Doesn&#39;t matter. As long as there&#39;s no way for password replay \
attacks.<br>

<br>
It seems Cyrus SASL supports OTP, is this compatible with the way kolab stores login \
information? OpenLDAP?<br> <br>
Is there anyone using Kolab in such a manner? I don&#39;t know where to start.<br>
<br>
<br>
Regards<br>
Michael<br>
<br>
_______________________________________________<br>
Kolab-users mailing list<br>
<a href="mailto:Kolab-users@kolab.org">Kolab-users@kolab.org</a><br>
<a href="https://kolab.org/mailman/listinfo/kolab-users" \
target="_blank">https://kolab.org/mailman/listinfo/kolab-users</a><br> \
</blockquote></div><br><br clear="all"><br>-- <br>Mit freundlichen Grüßen,<br>i.A. \
Markus Maiwald<br><br>Fon:           +31 629 50 70 65<br><br>Apple for Works - Linux \
for Network - Windows for Solitaire<br>



_______________________________________________
Kolab-users mailing list
Kolab-users@kolab.org
https://kolab.org/mailman/listinfo/kolab-users


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic