Ports Search

lsh is a client that can connect to the corresponding lshd server. It uses the SECSH protocol, which means that it is compatible with SSH 2.0, except for file transfer, which is not part of SECSH. SECSH uses compression and encryption algorithms that are unencumbered, and lsh itself is GPL. lsh is not as feature-rich as OpenSSH, as it doesn't currently support password-protected keyrings, the SSH 1.X protocols, TCP wrappers, etc. On the other hand, it doesn't require OpenSSL, and doesn't take a lot of work to avoid patented algorithms. Port author's notes on usage and common problems can be found at

libGringotts is a small, easy-to-use, thread-safe C library originally developed for Gringotts; its purpose is to encapsulate data (generic: ASCII, but also binary data) in an encrypted and compressed structure, to be written in a file or used elseway. It makes use of strong encryption algorithms, to ensure the data are as safe as possible, and allow the user to have the complete control over all the algorithms used in the process. For encryptions, libGringotts makes use of the MCrypt and MHash libs by Nikos Mavroyanopoulos.

libsparkcrypto is a formally verified implementation of several widely used symmetric cryptographic algorithms using the SPARK programming language and toolset. For the complete library proofs of the absence of run-time errors like type range violations, division by zero and numerical overflows are available. Some of its subprograms include proofs of partial correctness. The distribution contains test cases for all implemented algorithms and a benchmark to compare its performance with the OpenSSL library. The achieved speed has been found to be very close to the optimized C and Assembler implementations of OpenSSL.

From the README: "oidentd is an ident (rfc1413 compliant) daemon that runs on Linux, FreeBSD, OpenBSD and Solaris. oidentd can handle IP masqueraded/NAT connections on Linux, FreeBSD (ipf only) and OpenBSD. oidentd has a flexible mechanism for specifying ident responses. Users can be granted permission to specify their own ident responses. Responses can be specified according to host and port pairs." FreeBSD's inetd has a built-in ident service which can also generate bogus responses. Please see the TODO file for more information on why only ipf is supported under FreeBSD. Mark Laws mdl@60hz.org

Shibboleth is standards-based, open source middleware software which provides Web Single SignOn (SSO) across or within organizational boundaries. It allows sites to make informed authorization decisions for individual access of protected online resources in a privacy-preserving manner. This software is a C++ implementation of the Service Provider version 2 component of the Shibboleth can be used in Apache Web servers. The service provider manages secured resources. User access to resources is based on assertions received by the service provider (SP) from an identity provider.

A user authentication and authorisation framework plugin for Dancer2 apps. Makes it easy to require a user to be logged in to access certain routes, provides role-based access control, and supports various authentication methods/sources (config file, database, Unix system users, etc). Designed to support multiple authentication realms and to be as extensible as possible, and to make secure password handling easy (the base class for auth providers makes handling `RFC2307'-style hashed passwords really simple, so you have no excuse for storing plain-text passwords).

Crypt::Password::Util is a crypt password utilities. Its crypt($str) works like Perl's crypt(), but automatically choose the appropriate crypt type and random salt. Will first choose SSHA512 with 64-bit random salt. If not supported by system, fall back to MD5-CRYPT with 32-bit random salt. If that is not supported, fall back to CRYPT. Its crypt_type($str) returns crypt type, or undef if $str does not look like a crypted password. Currently known types: CRYPT (traditional DES crypt), MD5-CRYPT (including Apache variant), SSHA256 (salted SHA256), SSHA512 (salted SHA512), and PLAIN-MD5. See also Authen::Passphrase which recognizes more encodings (but currently not SSHA256 and SSHA512).

This module contains a simple S/Key calculator (as described in RFC 1760) implemented in Perl. It exports the function `key' by default, and may optionally export the function `compute'. `compute_md4', `compute_md5', `key_md4', and `key_md5' are provided as convenience functions for selecting either MD4 or MD5 hashes. The default is MD4; this may be changed with with the `$Crypt::SKey::HASH' variable, assigning it the value of `MD4' or `MD5'. You can access any of these functions by exporting them in the same manner as `compute' in the above example. Most S/Key systems use MD4 hashing, but a few (notably OPIE) use MD5.

SinFP is a new approach to OS fingerprinting, which bypasses limitations that nmap has. Nmap approaches to fingerprinting as shown to be efficient for years. Nowadays, with the omni-presence of stateful filtering devices, PAT/NAT configurations and emerging packet normalization technologies, its approach to OS fingerprinting is becoming to be obsolete. SinFP uses the aforementioned limitations as a basis for tests to be obsolutely avoided in used frames to identify accurately the remote operating system. That is, it only requires one open TCP port, sends only fully standard TCP packets, and limits the number of tests to 2 or 3 (with only 1 test giving the OS reliably in most cases).

This module allows easy access to GnuPG's key management, encryption and signature functionality from Python programs, by interacting with GnuPG through file descriptors. Input arguments are strictly checked and sanitised, and therefore this module should be safe to use in networked applications requiring direct user input. It is intended for use with Python 2.6 or greater. This is a fork of python-gnupg-0.3.2, patched to fix a potential vulnerability which could result in remote code execution, do to unsanitised inputs being passed to subprocess.Popen([...], shell=True).