Open Source Linux Authentication Software
Sort By:
Authentication Software for Linux
View 38 business solutionsBrowse free open source Authentication software and projects for Linux below. Use the toggles on the left to filter open source Authentication software by OS, license, language, programming language, and project status.
-
Gen AI apps are built with MongoDB AtlasMongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
1
*NOTE* Migrated to http://github.com/cracklib/cracklib Next generation version of libCrack password checking library. As of Oct 2008 (reflected in 2.8.15 code release), licensed under LGPL.
-
2
JXplorer - A Java Ldap Browser
Mature LDAP, LDIF and DSML client with i18n support.
A java LDAP client with LDIF support, security (inc SSL, SASL & GSSAPI), translated into many languages (inc. Chinese), online help, user forms and many other features. The commercial version is available at https://jxworkbench.com for $9.95. It extends JXplorer to include: - custom LDAP reporting - to pdf, word etc. - Find and Replace with regexp and attribute substitution - A secure password vault to store directory connections - etc. Support for JXplorer and JXWorkbench is available at http://jxplorer.org. Commercial support available from sales@jxworkbench.com -
3
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic directory brute-forcing mode, DNS subdomain brute-forcing mode, the mode that enumerates open S3 buckets and looks for existence and bucket listings, and the virtual host brute-forcing mode (not the same as DNS!). Since this tool is written in Go you need to install the Go language/compiler/etc. Full details of installation and set up can be found on the Go language website. Once installed you have two options. You need at least go 1.16.0 to compile gobuster. -
4
EJBCA is an enterprise class PKI Certificate Authority built on JEE technology. It is a robust, high performance, platform independent, flexible, and component based CA to be used standalone or integrated in other JEE applications.
-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
Zentyal, Linux Small Business Server
Zentyal is a Linux Small Business Server
Zentyal Server is an easy to use and affordable Linux server, specially designed to meet the needs of small and medium businesses Thanks to Zentyal's Samba integration, Zentyal provides native compatibility with Microsoft Active Directory, allowing you to join Microsoft clients to a domain and manage them easily. Zentyal Server incorporates all the network services required in a small and medium business environment: * Directory & Domain Server with native compatibility with Microsoft Active Directory * Mail Server with ActiveSync and webmail * Gateway with firewall and proxy * Infrastructure Server with DNS/DHCP server, Certification Authority and Virtual Private Networks For more information and download, please access the project's home page. -
6
Fail2Ban
Daemon to ban hosts that cause multiple authentication errors
Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc). Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services. -
7
-
8
Keycloak
Identity and access management for modern applications and services
Add authentication to applications and secure services with minimum fuss. No need to deal with storing users or authenticating users. It's all available out of the box. You'll even get advanced features such as User Federation, Identity Brokering and Social Login. Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code. Users authenticate with Keycloak rather than individual applications. This means that your applications don't have to deal with login forms, authenticating users, and storing users. Once logged-in to Keycloak, users don't have to login again to access a different application. This also applied to logout. Keycloak provides single-sign out, which means users only have to logout once to be logged-out of all applications that use Keycloak. -
9
ORY Oathkeeper
A cloud native Identity & Access Proxy / API (IAP)
ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. The BeyondCorp Model is designed by Google and secures applications in Zero-Trust networks. An Identity & Access Proxy is typically deployed in front of (think API Gateway) web-facing applications and is capable of authenticating and optionally authorizing access requests. The Access Control Decision API can be deployed alongside an existing API Gateway or reverse proxy. Ory offers a support plan for Ory Network Hybrid, including Ory on private cloud deployments. If you have a self-hosted solution and would like help, consider a support plan! The team at Ory has years of experience in cloud computing. Ory's offering is the only official program for qualified support from the maintainers. -
Simple, Secure Domain RegistrationRegister or renew your domain and pay only what we pay. No markups, hidden fees, or surprise add-ons. Choose from over 400 TLDs (.com, .ai, .dev). Every domain is integrated with Cloudflare's industry-leading DNS, CDN, and free SSL to make your site faster and more secure. Simple, secure, at-cost domain registration.
-
10
Sentry
Cross-platform application monitoring and error tracking software
Sentry is a cross-platform, self-hosted error monitoring solution that helps software teams discover, monitor and fix errors in real-time. The most users and logs will have to provide are the clues, and Sentry provides the answers. Sentry offers enhanced application performance monitoring through information-laden stack traces. It lets you build better software faster and more efficiently by showing you all issues in one place and providing the trail of events that lead to errors. It also provides real-time monitoring and data visualization through dashboards. Sentry’s server is in Python, but its API enables for sending events from any language, in any application. More than fifty-thousand companies already ship better software faster thanks to Sentry; let yours be one of them! -
11
Step Certificates
A private certificate authority (X.509 & SSH) & ACME server
Open Source step-ca provides the infrastructure, automations, and workflows to securely create and operate a private certificate authority. step-ca makes it easy for developers, operators and security teams to manage certificates for production workloads. Get a public key infrastructure and certificate authority running in minutes. Automate enrollment using ACME, OIDC, one-time tokens, cloud APIs and more. Use systemD timers, daemon mode, cron jobs, CI/CD, and more to automate certificate management. Build and operate systems using secure open standards (e.g. X.509, mTLS, JWT, OAuth, OIDC). step-ca is an online certificate authority for secure, automated certificate management. For people, in exchange for single sign-on ID tokens. For hosts, in exchange for cloud instance identity documents. Whatever your use case, step-ca is easy to use and hard to misuse. -
12
nuBuilder Forte
nuBuilder Forte is a cloud database builder.
nuBuilder Forte is the 4th version of nuBuilder. A open-source browser-based tool created for developing web-based database applications. nuBuilder uses either MySQL or MariaDB databases and gives its users the ability to do database operations like... • Search, Create, Insert, Read, Update, Delete ✪ With low-code tools that create ... - Forms with the Form Builder - Fast Reports - Database queries with the SQL Builder - Customised date and number formats with the Format Builder - Calculated fields with the Formula Builder - Email Templates - Move and resize objects. - Further customisation that can be done with JavaScript and PHP. ✪ nuBuilder stores all forms, reports, company data and PHP/JavaScript code in MySQL. You can backup your entire application within a single database file. ✪ Easy installation: - Download and unzip the nuBuilder files - Upload to your webserver - Create a database (e.g. nubuilder4) and optionally a user - Make a copy of -
13
LDAP Account Manager (LAM) is a webfrontend for managing accounts stored in an LDAP directory. You can use templates for account creation and use multiple configuration profiles. Account information can be exported as PDF file.
-
14
CID
Insert and manage Linux computers in AD
CID (Closed In Directory) is a set of bash scripts for inserting and managing Linux computers in Active Directory domains. Modifications made to the system allow Linux to behave like a Windows computer within AD. -
15
CloudFoundry UAA
CloudFoundry User Account and Authentication (UAA) Server
The UAA is a multi tenant identity management service, used in Cloud Foundry, but also available as a stand alone OAuth2 server. Its primary role is as an OAuth2 provider, issuing tokens for client applications to use when they act on behalf of Cloud Foundry users. It can also authenticate users with their Cloud Foundry credentials, and can act as an SSO service using those credentials (or others). It has endpoints for managing user accounts and for registering OAuth2 clients, as well as various other management functions. -
16
truffleHog
Searches through git repositories for high entropy strings and secrets
truffleHog searches through git repositories for high entropy strings and secrets, digging deep into commit history. TruffleHog runs behind the scenes to scan your environment for secrets like private keys and credentials, so you can protect your data before a breach occurs. Secrets can be found anywhere, so TruffleHog scans more than just code repositories, including SaaS and internally hosted software. With support for custom integrations and new integrations added all the time, you can secure your secrets across your entire environment. TruffleHog is developed by a team entirely comprised of career security experts. Security is our passion and primary concern, and all features are developed with best practices in mind. TruffleHog enables you to track and manage secrets within our intuitive management interface, including links to exactly where secrets have been found. TruffleHog runs quietly in the background, continuously scanning your environment for secrets. -
17
Apache APISIX
The cloud-native API gateway
Provides rich traffic management features such as load balancing, dynamic upstream, canary release, circuit breaking, authentication, observability, and more. Based on the Nginx library and etcd. Cloud-native microservices API gateway, delivering the ultimate performance, security, open source and scalable platform for all your APIs and microservices. Apache APISIX is based on Nginx and etcd. Compared with traditional API gateways, APISIX has dynamic routing and plug-in hot loading, which is especially suitable for API management under micro-service system. You can use Apache APISIX as a traffic entrance to process all business data, including dynamic routing, dynamic upstream, dynamic certificates, A/B testing, canary release, blue-green deployment, limit rate, defense against malicious attacks, metrics, monitoring alarms, service observability, service governance, etc. -
18
Google Auth Library
Google Auth Library for Node.js
This is Google's officially supported node.js client library for using OAuth 2.0 authorization and authentication with Google APIs. Use Application Default Credentials when you use a single identity for all users in your application. Especially useful for applications running on Google Cloud. Application Default Credentials also support workload identity federation to access Google Cloud resources from non-Google Cloud platforms. Use JWT when you are using a single identity for all users. Especially useful for server->server or server->API communication. Use workload identity federation to access Google Cloud resources from Amazon Web Services (AWS), Microsoft Azure or any identity provider that supports OpenID Connect (OIDC). Use workforce identity federation to access Google Cloud resources using an external identity provider (IdP) to authenticate and authorize a workforce—a group of users, such as employees, partners, and contractors. -
19
Guardian
Elixir Authentication
Guardian is a token based authentication library for use with Elixir applications. Guardian remains a functional system. It integrates with Plug but can be used outside of it. If you're implementing a TCP/UDP protocol directly or want to utilize your authentication via channels in Phoenix, Guardian can work for you. The core currency of authentication in Guardian is the token. By default JSON Web Tokens are supported out of the box but you can use any token that Has the concept of a key-value payload, is tamper-proof, can serialize to a String, or that has a supporting module that implements the Guardian.Token behavior. You can use Guardian tokens to authenticate web endpoints (Plug/Phoenix/X), channels/Sockets (Phoenix - optional), and any other system you can imagine. If you can attach an authentication token you can authenticate it. -
20
IdentityServer4
OpenID Connect and OAuth 2.0 Framework for ASP.NET Core
IdentityServer is a free, open-source OpenID Connect and OAuth 2.0 framework for ASP.NET Core. Founded and maintained by Dominick Baier and Brock Allen, IdentityServer4 incorporates all the protocol implementations and extensibility points needed to integrate token-based authentication, single-sign-on and API access control in your applications. IdentityServer4 is officially certified by the OpenID Foundation and thus spec-compliant and interoperable. It is part of the .NET Foundation and operates under their code of conduct. It is licensed under Apache 2 (an OSI-approved license). Active development happens on the main branch. This always contains the latest version. Each (pre-) release is tagged with the corresponding version. The aspnetcore1 and aspnetcore2 branches contain the latest versions of the older ASP.NET Core based versions. -
21
JSS
An authoring tool for CSS which uses JavaScript as a host language
A lib for generating Style Sheets with JavaScript. JSS is an authoring tool for CSS which allows you to use JavaScript to describe styles in a declarative, conflict-free and reusable way. It can compile in the browser, server-side or at build time in Node. JSS is framework agnostic. It consists of multiple packages, the core, plugins, framework integrations and others. If you’re interested in playing around with JSS, you can use an online code playground. Try a Hello World example on CodeSandbox. JSS generates actual CSS, not Inline Styles. It supports every existing CSS feature. CSS rules are created once and reused across the elements using its class name in contrary to Inline Styles. Also, when DOM elements get updated, previously created CSS rules are applied. JSS generates unique class names by default. It allows avoiding the typical CSS problem, where everything is global by default. It completely removes the need for naming conventions. -
22
MaxKey
MaxKey SSO ,Leading-Edge IAM-IDaas(Identity and Access Management)
Maxkey Single Sign On System, which means the Maximum key, Leading-Edge IAM/IDaas Identity and Access Management product, supports OAuth 2.x/OpenID Connect, SAML 2.0, JWT, CAS, SCIM, and other standard protocols, and provide Secure, Standard and Open Identity management (IDM), Access management (AM), Single Sign On (SSO), RBAC permission management and Resource management. MaxKey focuses on performance, security, and ease of use in enterprise scenarios, is widely used in industries such as healthcare, finance, government, and manufacturing. -
23
appwrite
Secure Backend Server for Web, Mobile & Flutter Developers
Appwrite is a self-hosted and cloud backend-as-a-service platform that provides developers with all the core APIs required to build any application. Build your entire backend within minutes and scale effortlessly using Appwrite's open-source platform. Add Authentication, Databases, Functions, Storage, and Messaging to your projects using the frameworks and languages of your choice. -
24
LDAP Explorer is a multi platform, graphical LDAP tool that enables you to browse, modify and manage LDAP servers.
-
25
WiKID Two-Factor Authentication System
Two-factor authentication system
The WiKID Strong Authentication System is a public-key based two-factor authentication system. It is a flexible, extensible, and secure alternative to tokens, certs and passwords. Application & API support exists for Java, ASP, PHP, Ruby, OpenVPN, TACACS+, etc. Read our eGuide on how to setup your network with two-factor authentication: http://www.wikidsystems.com/learn-more/two-factor-authentication-white-papers
