Open Source Linux Authentication Software
Sort By:
Authentication Software for Linux
View 41 business solutionsBrowse free open source Authentication software and projects for Linux below. Use the toggles on the left to filter open source Authentication software by OS, license, language, programming language, and project status.
-
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
Outgrown Windows Task Scheduler?Windows Task Scheduler wasn't built for complex, cross-platform automation. Get a free diagnostic that shows exactly where things are failing and provides remediation recommendations. Interactive HTML report delivered in minutes.
-
1
*NOTE* Migrated to http://github.com/cracklib/cracklib Next generation version of libCrack password checking library. As of Oct 2008 (reflected in 2.8.15 code release), licensed under LGPL.
-
2
JXplorer - A Java Ldap Browser
Mature LDAP, LDIF and DSML client with i18n support.
A java LDAP client with LDIF support, security (inc SSL, SASL & GSSAPI), translated into many languages (inc. Chinese), online help, user forms and many other features. The commercial version is available at https://jxworkbench.com for $9.95. It extends JXplorer to include: - custom LDAP reporting - to pdf, word etc. - Find and Replace with regexp and attribute substitution - A secure password vault to store directory connections - etc. Support for JXplorer and JXWorkbench is available at http://jxplorer.org. Commercial support available from sales@jxworkbench.com -
3
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic directory brute-forcing mode, DNS subdomain brute-forcing mode, the mode that enumerates open S3 buckets and looks for existence and bucket listings, and the virtual host brute-forcing mode (not the same as DNS!). Since this tool is written in Go you need to install the Go language/compiler/etc. Full details of installation and set up can be found on the Go language website. Once installed you have two options. You need at least go 1.16.0 to compile gobuster. -
4
Authenticator Pro
Two-Factor Authentication (2FA) client for Android + Wear OS
Authenticator Pro is a free and open-source two-factor authentication app for Android. It features encrypted backups, icons, categories, a high level of customization, and even a Wear OS app. Unlike some alternative apps, Authenticator Pro gives you control over your data. You can import from other apps and export at any time. Authenticator Pro is a community-backed open-source project which aims to provide privacy and security to users. The source-code is auditable by anyone on GitHub and released under the GPL 3.0 license. The project has no corporate ties or interests but, rather has the purpose of providing a secure and private two-factor authentication solution to the privacy-conscious. Unlike alternative user-hostile applications, Authenticator Pro does not lock-in your data or communicate with distant servers. Everything is safely protected in the app and can be exported at any time. -
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
5
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
-
6
PAM module which permits authentication for arbitrary services via ssh-agent. Written with sudo in mind, but like any auth PAM module, can be used for for many purposes.
-
7
jwt-auth
JSON web token authentication for Laravel and Lumen
jwt-auth provides a simple means of authentication within Laravel using JSON Web Tokens (spec). There are several ways to create a token within the package. There are simple ways to do it, and more advanced methods if you want greater control. The most common way to create a token would be to authenticate the user via their login credentials, and if successful return a token corresponding to that user. You can also skip user authentication and just pass in a User object. Once a user has logged in with their credentials, then the next step would be to make a subsequent request, with the token, to retrieve the users' details, so you can show them as being logged in. To make authenticated requests via http using the built in methods, you will need to set an authorization header. If you don't like the idea of catching mulitple exceptions inline, then you are free to add a global exception handler with Laravel. -
8
Keycloak
Identity and access management for modern applications and services
Add authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box. You'll even get advanced features such as User Federation, Identity Brokering and Social Login. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application. This also applied to logout. Keycloak provides single-sign out, which means users only have to logout once to be logged-out of all applications that use Keycloak. -
9
2FAS Auth Browser Extension
Source code for 2FAS Auth Browser Extension
2FAS Auth Browser Extension is a cross-browser plugin that integrates the 2FAS multi-factor authentication platform directly into the user’s web browsing workflow, helping streamline login flows by interfacing with web pages and 2FA token generation in a seamless way. Once installed in browsers like Chrome, Firefox, or others that support standard extension APIs, it can detect 2FA prompts on login forms and offer to fill or suggest one-time passwords generated by your 2FAS mobile clients or local vault, reducing friction and manual copy-paste steps. The extension communicates securely with companion mobile or desktop clients to fetch or synchronize token data, respecting encryption and privacy boundaries so that secrets are never exposed to the extension itself without user consent. It also lets users manage or view registered accounts, add new ones by scanning QR codes via companion apps, and handle token organization from within browser UI elements. -
Total Network Visibility for Network Engineers and IT ManagersThis means every device on your network, and every interface on every device is automatically analyzed for performance, errors, QoS, and configuration.
-
10
truffleHog
Searches through git repositories for high entropy strings and secrets
truffleHog searches through git repositories for high entropy strings and secrets, digging deep into commit history. TruffleHog runs behind the scenes to scan your environment for secrets like private keys and credentials, so you can protect your data before a breach occurs. Secrets can be found anywhere, so TruffleHog scans more than just code repositories, including SaaS and internally hosted software. With support for custom integrations and new integrations added all the time, you can secure your secrets across your entire environment. TruffleHog is developed by a team entirely comprised of career security experts. Security is our passion and primary concern, and all features are developed with best practices in mind. TruffleHog enables you to track and manage secrets within our intuitive management interface, including links to exactly where secrets have been found. TruffleHog runs quietly in the background, continuously scanning your environment for secrets. -
11
CloudFoundry UAA
CloudFoundry User Account and Authentication (UAA) Server
The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as various other management functions. -
12
Sentry
Cross-platform application monitoring and error tracking software
Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also provides real-time monitoring and data visualization through dashboards. Sentry’s server is in Python, but its API enables for sending events from any language, in any application. More than fifty-thousand companies already ship better software faster thanks to Sentry; let yours be one of them! -
13
LDAP Account Manager (LAM) is a webfrontend for managing accounts stored in an LDAP directory. You can use templates for account creation and use multiple configuration profiles. Account information can be exported as PDF file.
-
14
-
15
CID
Insert and manage Linux computers in AD
CID (Closed In Directory) is a set of bash scripts for inserting and managing Linux computers in Active Directory domains. Modifications made to the system allow Linux to behave like a Windows computer within AD. -
16
Better Auth
The most comprehensive authentication library for TypeScript
Better Auth is framework-agnostic authentication (and authorization) library for TypeScript. It provides a comprehensive set of features out of the box and includes a plugin ecosystem that simplifies adding advanced functionalities with minimal code in a short amount of time. Whether you need 2FA, multi-tenant support, or other complex features. It lets you focus on building your actual application instead of reinventing the wheel. -
17
Fail2Ban
Daemon to ban hosts that cause multiple authentication errors
Fail2Ban scans log files and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc). Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services. -
18
LDAP Explorer is a multi platform, graphical LDAP tool that enables you to browse, modify and manage LDAP servers.
-
19
nuBuilder Forte
nuBuilder Forte is a cloud database builder.
nuBuilder Forte is the 4th version of nuBuilder. A open-source browser-based tool created for developing web-based database applications. nuBuilder uses either MySQL or MariaDB databases and gives its users the ability to do database operations like... • Search, Create, Insert, Read, Update, Delete ✪ With low-code tools that create ... - Forms with the Form Builder - Fast Reports - Database queries with the SQL Builder - Customised date and number formats with the Format Builder - Calculated fields with the Formula Builder - Email Templates - Move and resize objects. - Further customisation that can be done with JavaScript and PHP. ✪ nuBuilder stores all forms, reports, company data and PHP/JavaScript code in MySQL. You can backup your entire application within a single database file. ✪ Easy installation: - Download and unzip the nuBuilder files - Upload to your webserver - Create a database (e.g. nubuilder4) and optionally a user - Make a copy of -
20
Lexik JWT Authentication Bundle
JWT authentication for your Symfony API
LexikJWTAuthenticationBundle is a Symfony bundle that provides JWT (JSON Web Token) authentication for RESTful APIs. It simplifies the process of generating and validating JWTs for secure user authentication. The bundle integrates seamlessly with Symfony’s security system, allowing developers to implement token-based authentication efficiently while maintaining flexibility in user management. -
21
OAuth2orize
OAuth 2.0 authorization server toolkit for Node.js
OAuth2orize is a Node.js module for implementing OAuth 2.0 authorization servers, providing the server-side machinery needed to support standard OAuth grant types such as authorization code, implicit, resource owner password credentials, and client credentials. It integrates with Express and similar frameworks, letting developers define how clients are authenticated, how authorization decisions are made, and how tokens are issued, all through a clean, extensible API. The module encourages a modular design where individual grant types are plugged in as needed, enabling only relevant flows for a given application, such as supporting third-party app access without exposing user credentials. It also provides helpers for serializing clients and users into session state, signing tokens, and validating requests, reducing the boilerplate developers would otherwise write. -
22
Passport
Simple, unobtrusive authentication for Node.js
Passport is a flexible authentication middleware for Node.js that provides a modular and extensible system for handling user login and identity in web applications. It doesn’t impose specific user model structures or storage strategies but instead offers a unified API driven by “strategies”—small plugins that encapsulate authentication logic for protocols such as local username/password, OAuth, OpenID, SAML, and many others. This design allows developers to plug in only the strategies they need and swap or add new ones without rewriting core application logic, making Passport highly adaptable for diverse authentication requirements. Passport hooks into Express (and similar frameworks) using middleware functions that run during the request lifecycle, simplifying tasks like session management, credential validation, and user serialization. -
23
OpenPAM is an open source PAM library that focuses on simplicity, correctness, and portability.
-
24
Howdy For Linux
Windows Hello style facial authentication for Linux
Howdy provides Windows Hello™ style authentication for Linux. Use your built-in IR emitters and camera in combination with facial recognition to prove who you are. Using the central authentication system (PAM), works everywhere you would otherwise need your password: Login, lock screen, sudo, su, etc. -
25
passport-facebook
Facebook authentication strategy for Passport and Node.js.
passport-facebook is a Passport strategy for authenticating users with their Facebook credentials using the OAuth 2.0 protocol, enabling Node.js applications to let visitors log in with their Facebook account easily. It manages the redirection to Facebook’s login page, the authorization code exchange, and the retrieval of basic profile information, reducing the boilerplate developers would otherwise write to integrate with Facebook’s API manually. When used with Express and Passport, the strategy triggers redirects and callback handling automatically based on configured routes, so developers can focus on application logic like user onboarding and account linkage. The module normalizes the returned user profile into a consistent format so you can store or use profile data with minimal translation. It also handles secure token exchange and sanitization of inputs to protect against common OAuth attacks.
