Prev: KDE and Gnome
Next: badblocks
From: Rahul on 9 Oct 2009 16:05
As a small (~25 user) educational Linux cluster so far we have only used
"strong" [sic] passwords, and I/P restrictions for securing user logins.

THis has a lot of flaws. I've been thinking of adding some sort of two-
factor authentication solution. I've used RSA-Secure IDs in the past but
those seem designed for huge users like banks, corporates etc. Our access
needs are simple and we want a cheap, simple solution.

I looked at VASCO and CryptoCard but they seem similar. Are there any other
options? Perhaps open source?

--
Rahul
From: Keith Keller on 9 Oct 2009 16:49
["Followup-To:" header set to comp.os.linux.misc.]

On 2009-10-09, Rahul <nospam(a)nospam.invalid> wrote:
>
> I looked at VASCO and CryptoCard but they seem similar. Are there any other
> options? Perhaps open source?

You might look into OPIE:

http://www.rho.cc/index.php/linux2/46-1key/66-how-to-setup-opie-with-pam-on-linux

OPIE seems a bit old, so perhaps there is better otp software out there
(or perhaps it's just the links I was able to find that are old).

--keith

--
kkeller-usenet(a)wombat.san-francisco.ca.us
(try just my userid to email me)
AOLSFAQ=http://www.therockgarden.ca/aolsfaq.txt
see X- headers for PGP signature information

From: Maxwell Lol on 9 Oct 2009 21:44
Rahul <nospam(a)nospam.invalid> writes:

> As a small (~25 user) educational Linux cluster so far we have only used
> "strong" [sic] passwords, and I/P restrictions for securing user logins.



You could look into the Yubikey ($20 a piece)
http://www.yubico.com/products/yubikey/

You could have everyone get an ebay/paypal account and get one of the $7
tokens.

From: google on 10 Oct 2009 09:38
Hallo Rahul,

as a matter of fact our company has a two-factor OTP solution, which
is based on Linux and uses the HMAC-OTP Algorithm (defined in
RFC4226).
It supports different kind of tokens (Aladdin eToken PASS or NG OTP,
Safeword Alpine or a mobile OTP Token.
There is a LinOTP Community Edition which is completely GPL (see
http://opensource.lsexperts.de) and an LSE LinOTP Enterprise Edition,
that supports more Tokens, a better mangement and has maintenance ans
support.

The Community Edition also has a simple "software token" (in fact a
python script to simulate an OTP-Token) to try it and get started
easily.

Kind regards
Corneilus

On 9 Okt., 22:05, Rahul <nos...(a)nospam.invalid> wrote:
> As a small (~25 user) educational Linux cluster so far we have only used
> "strong" [sic] passwords, and I/P restrictions for securing user logins.
>
> THis has a lot of flaws. I've been thinking of adding some sort of two-
> factor authentication solution. I've used RSA-Secure IDs in the past but
> those seem designed for huge users like banks, corporates etc. Our access
> needs are simple and we want a cheap, simple solution.
>
> I looked at VASCO and CryptoCard but they seem similar. Are there any other
> options? Perhaps open source?
>
> --
> Rahul

From: cornelinux on 10 Oct 2009 10:00
On 9 Okt., 22:49, Keith Keller <kkeller-use...(a)wombat.san-
francisco.ca.us> wrote:

>
> You might look into OPIE:
>
Hi Rahul,
OTPW might be even more suiting than OPIE.
OTPW works fine easy and fast. But the second factor that is
introduced is a sheet of paper!

Kind regards
Cornelius
 | 
Pages: 1
Prev: KDE and Gnome
Next: badblocks