ocaml-ssl is a set of OCaml bindings for openssl.
This Perl library defines a single function, mkpasswd(), to generate
random passwords. The function is meant to be a simple way for
developers and system administrators to easily generate a relatively
secure password.
Sudo runs commands as another user, provided the system sudo
implementation is setup to enable this. This does not allow running
applications securely, simply it allows the programmer to run a
program as another user (suid) using the sudo tools rather than
suidperl. Suidperl is not generally recommended for secure operation
as another user. While sudo itself is a single point tool to enable
one user to execute commands as another sudo does not itself make you
any more or less secure.
Tie::EncryptedHash augments Perl hash semantics to build secure, encrypting
containers of data. Tie::EncryptedHash introduces special hash fields that are
coupled with encrypt/decrypt routines to encrypt assignments at STORE() and
decrypt retrievals at FETCH(). By design, encrypting fields are associated with
keys that begin in single underscore. The remaining keyspace is used for
accessing normal hash fields, which are retained without modification.
While the password is set, a Tie::EncryptedHash behaves exactly like a standard
Perl hash. This is its transparent mode of access. Encrypting and normal fields
are identical in this mode. When password is deleted, encrypting fields are
accessible only as ciphertext. This is Tie::EncryptedHash's opaque mode of
access, optimized for serialization.
Class for inheritable, role-based permissions system (Role Based Access
Control - RBAC).
Custom methods can be placed on role objects. Authorization can be
performed either by checking whether the role name matches the required
name, or by testing (via can) whether the role can perform the method
required.
Two role are specified by default. At the top, superusers can do anything
($superuser->can( $action ) always returns a coderef). At the bottom, the
base role can do nothing ($base->can( $action ) always returns undef).
All roles are automatically capable of authorizing actions named for the
singular and plural of the role name.
This is a PAM module for authenticating with PostgreSQL.
It also supports:
- Checking account information (pam_acct_expired,new_authtok_reqd)
- Updating auth token
The PAM module can add a two-factor authentication
step to any PAM-enabled application.
The Yubico authentication device Yubikey generates one-time passwords that can
be used for authentication. This module allows you to use the Yubikey device to
authenticate to the PAM system.
From the paperkey README file:
A reasonable way to achieve a long term backup of OpenPGP (GnuPG, PGP,
etc) keys is to print them out on paper. Paper and ink have amazingly
long retention qualities - far longer than the magnetic or optical
means that are generally used to back up computer data.
PBNJ is a network suite to monitor changes that occur on a network
over time. It does this by checking for changes on the target
machine(s), which includes the details about the services running on
them as well as the service state. PBNJ parses the data from a scan
and stores it in a database. PBNJ uses Nmap to perform scans.