LinOTP is a solution for strong two-factor authentication with one time passwords. It features a modular architecture into which UserIdResolver, authentication, and OTP calculation modules can be plugged. It includes UserIdResolver modules for LDAP/AD, SQL, and flat file user databases, and authentication modules for PAM and RADIUS. New modules can be developed easily. Supported tokens are HMAC-OTP/HOTP (RFC 4226/ OATH compliant), Aladdin eToken PASS, eToken NG-OTP, Safeword Alpine, Yubikey, Google Authenticator, motp, SMS OTP/Mobile TAN, email token, and a Simple Pass token for users without token hardware. TOTP is supported, along with a new algorithm for daily passwords for applications not supporting RADIUS. OCRA tokens are supported to allow transaction signing in banking environments. CLI, Web, and GTK+ GUI clients are available for management. LinOTP features multi-client capability, redundancy, and a self-service portal. It has been used with PAM for local and SSH logins, Apache, VPN, and Windows Terminal Server, and is OATH certified.
privacyIDEA is a multi-factor authentication solution. It can manage any type of authentication device. All common OTP (one time password) devices are supported, including Google Authenticator, eToken Pass, OTP cards, Yubikey, SMSOTP, and mTAN/mobileTAN. New devices can be added easily. Users can be retrieved from flat files, LDAP, Active Directory, SQL databases, and SCIM services. It can also handle authorization and writes all events to a digitally signed audit log, giving you basic AAA functionality.