Security Basics mailing list archives
Re: TTY Login
From: Alexander Lukyanenko <sashman () ua fm>
Date: Fri, 28 Nov 2003 11:23:22 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello Thiago, Thursday, November 27, 2003, 4:57:19 PM, you wrote: TL> Hi Folks, TL> Let me explain my problem : TL> I have several machines in many locations, they're firewalls for my TL> clients. I don't like idea for writing down all root passwords for 2 TL> reasons : TL> 1) security TL> 2) Every time I went to a client I would have to bring the root TL> password with me TL> So I thougth about those securitycards that can generate root TL> passwords on the fly based on some algoritmh. If I went to the client I TL> could just see a PIN (right?) on screen and then calculate the root TL> password. I know there's some "CARDS" that can do that, even if I don't TL> really know the name of one, but there's any that gives me the same TL> thing without a card? That I could calculate using other software? The solution already exists, it's called One Time Passwords, sometimes it's called S/KEY, and an implementation of it is called OPIE (One-time Passwords In Everything). References The RFC: http://www.faqs.org/rfcs/rfc2289.html The OPIE's home page http://inner.net/opie The NASA page http://www.nas.nasa.gov/Groups/Security/OPIE/ - - - -- * * * * * * * * * * * * * * * * Alexander V. Lukyanenko * * mailto: sashman () ua fm * * ICQ# : 86195208 * * Phone : +380 44 458 07 23 * * GSM : +380 50 9 522 533 * * OpenPGP key ID: 75EC057C * * NIC : SASH4-UANIC * * * * * * * * * * * * * * * * -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (MingW32) iD8DBQE/xxQUlz+8e3XsBXwRAj27AJ4m46BOJ7pInacdPh4S8/GLWebltwCeKa+m P4A6I55Bb+FDfTa2kq2qQjw= =MyeO -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Re: TTY Login Alexander Lukyanenko (Dec 01)
- <Possible follow-ups>
- RE: TTY Login Devilscrow Sr (Dec 01)