RSA SecurID-compatible software token for Linux/UNIX systems
Clone or download
cernekee README: Delete duplicate libtomcrypt-dev package
Signed-off-by: Kevin Cernekee <cernekee@gmail.com>
Latest commit c948387 Sep 12, 2018
Permalink
Failed to load latest commit information.
examples examples: Don't pass uninitialized variables into the library Jul 27, 2014
gui Fix compatibility with older versions of libgtk Jul 19, 2014
java java: Compile for Java 1.8 (2014) Sep 11, 2018
m4 buildsys: Disable symbol versioning where unavailable Dec 2, 2014
misc Fix OSX travis builds Sep 11, 2018
ppa ppa: Bump standards version to 3.9.8 Jan 9, 2017
src library: rcfile: Try $USERPROFILE if $HOME is empty Oct 29, 2017
tests tests: Use the libtool in the build directory Oct 29, 2017
.gitignore m4: Create m4/ and update .gitignore files Dec 2, 2014
.travis.yml Fix OSX travis builds Sep 11, 2018
CHANGES Bump version to 0.92 and update changelog Nov 12, 2017
COPYING.LIB stoken: Import source files Oct 7, 2012
Makefile.am tests: Use the libtool in the build directory Oct 29, 2017
README.md README: Delete duplicate libtomcrypt-dev package Sep 12, 2018
TODO Update changelog Jun 9, 2014
autogen.sh m4: Create m4/ and update .gitignore files Dec 2, 2014
configure.ac Bump version to 0.92 and update changelog Nov 12, 2017
libstoken.map compat: Add stoken__mkstemps() Nov 30, 2014
release.sh release.sh: Work around autotools search path wackiness Jun 21, 2014
stoken-gui.1 gui: Add --small option to conserve desktop space Apr 24, 2014
stoken.1 man: Add --next option; tweak formatting Jul 20, 2014
stoken.pc.in pkgconfig: Fix missing libxml2 in Requires.private Dec 28, 2014
win32deps.pl fixed blacklist for cross compile with fedora 25 Mar 3, 2017

README.md

stoken - Software Token for Linux/UNIX

stoken is a tokencode generator compatible with RSA SecurID 128-bit (AES) tokens. The project includes several components:

  • A simple command line interface (CLI) used to manage and manipulate tokens
  • A GTK+ GUI with cut&paste functionality
  • A shared library allowing other software to generate tokencodes on demand

Building on Linux

Dependencies

  • libtomcrypt or nettle
  • libxml2
  • libgtk3.0 (required for stoken-gui only)

If you are building from Git, you'll need to install autoconf / automake / libtool, and run autogen.sh first. This is not necessary if building from a released source tarball.

On Debian or Ubuntu, this should satisfy most/all dependencies:

sudo apt-get install libgtk-3-dev libtomcrypt-dev libxml2-dev autoconf automake libtool build-essential

Compile instructions

./autogen.sh  # from Git only; not necessary if building from tarball
./configure
make
make check
make install

Usage

First, import a token from a raw string or an "sdtid" XML file:

stoken import --token 2000123456...
stoken import --token com.rsa.securid.iphone://ctf?ctfData=2000123456...
stoken import --file mytoken.sdtid

This will prompt for an optional password, so that your seed is encrypted on disk.

Next, use the CLI or GUI to show the current tokencode:

stoken tokencode
stoken-gui &

If your token requires a PIN, stoken will prompt for it. You can use stoken setpin to cache your PIN in ~/.stokenrc. This is much less secure, but may be useful for automation.

Modern versions of OpenConnect link against libstoken and can send an autogenerated tokencode as the password. Import your token using the above instructions, then:

openconnect -u USERNAME --token-mode=rsa HOSTNAME

See the man pages for additional details: stoken(1), stoken-gui(1)

See examples/ and src/stoken.h for information on using the shared library interface (libstoken) to generate tokencodes from other applications.

Screenshots

stoken-gui stoken-gui --small

Building on other platforms

Mac OS X

Initial setup

The following configuration was tested under Mavericks 10.9.5; other variants may work too:

  • Install gcc/make/headers: xcode-select --install
  • Install Homebrew
  • Install XQuartz to support GTK+3
  • Use Homebrew to satisfy dependencies: brew install git autoconf automake libtool nettle pkg-config gtk+3 gnome-icon-theme hicolor-icon-theme
  • Use OSX's builtin libxml2 (no action needed)

Compiling

Note that GNU libtool is called glibtool to avoid collisions with Apple's libtool program:

export LIBTOOL=glibtool
git clone git://github.com/cernekee/stoken
cd stoken
bash autogen.sh
./configure
make
make check
make install

Experimental Windows build

As of v0.8, stoken can be built for Windows using the MinGW cross toolchain on Fedora. This is not tested or maintained regularly.

Initial setup

On a Fedora 20 PC (other versions may work as well), install the build dependencies:

yum groupinstall "Development Tools"
yum install git autoconf automake libtool mingw32-gnutls mingw32-libxml2 mingw32-gtk3

Compiling

git clone git://github.com/cernekee/stoken
cd stoken
bash autogen.sh
mingw32-configure
make winpkg

If all goes well, you should be able to copy winpkg.zip to a Windows PC and run stoken.exe or stoken-gui.exe.

TODO

Several items are known to be missing or broken on the Windows build:

  • Default home directory is probably incorrect
  • No installer
  • The GUI requires its assets to be in the current directory
  • Password entry is not masked
  • stoken --random flag
  • No charset translation on filenames

Misc

Author: Kevin Cernekee <cernekee@gmail.com>

License: LGPLv2.1+

stoken is a hobbyist project, not affiliated with or endorsed by RSA Security.