Security Basics mailing list archives

Re: TTY Login


From: Alexander Lukyanenko <sashman () ua fm>
Date: Fri, 28 Nov 2003 11:23:22 +0200

Hello Thiago,

Thursday, November 27, 2003, 4:57:19 PM, you wrote:


TL>     Hi Folks,

TL>     Let me explain my problem:

TL>     I have several machines in many locations, they're firewalls for my
TL> clients.  I don't like the idea of writing down all root passwords for 2
TL> reasons:
TL>     1) security
TL>     2) Every time I went to a client I would have to bring the root
TL> password with me

TL>     So I thought about those security cards that can generate root
TL> passwords on the fly based on some algorithm.  If I went to the client I
TL> could just see a PIN (right?) on screen and then calculate the root
TL> password. I know there are some "CARDS" that can do that, even if I don't
TL> really know the name of one, but is there any that gives me the same
TL> thing without a card?  That I could calculate using other software?

The solution already exists, it's called One Time Passwords, sometimes
it's called S/KEY, and an implementation of it is called OPIE
(One-time Passwords In Everything).

References
The RFC: http://www.faqs.org/rfcs/rfc2289.html
The OPIE home page: http://inner.net/opie
The NASA page: http://www.nas.nasa.gov/Groups/Security/OPIE/
--
* * * * * * * * * * * * * * *
* Alexander V. Lukyanenko   *
* mailto: sashman () ua fm     *
* ICQ#  : 86195208          *
* Phone : +380 44 458 07 23 *
* GSM   : +380 50 9 522 533 *
* OpenPGP key ID: 75EC057C  *
* NIC   : SASH4-UANIC       *
* * * * * * * * * * * * * * *


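The challenge/response exchange that the reply's RFC 2289 reference describes, as an added example that is not part of the original message and is not OPIE's code. It uses the RFC's MD5 variant and raw 8-byte values instead of the six-word encoding; the `Verifier` class, `demo`, and the sample seed and pass phrase are constructed for illustration.

```python
import hashlib
import hmac


def fold_md5(data: bytes) -> bytes:
    """MD5, then XOR the two 8-byte halves together (RFC 2289's 64-bit fold)."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))


def otp(passphrase: str, seed: str, count: int) -> bytes:
    """Client side: the one-time password for sequence number `count`."""
    value = fold_md5((seed.lower() + passphrase).encode())  # initial step
    for _ in range(count):                                   # then `count` folds
        value = fold_md5(value)
    return value


class Verifier:
    """Server side: keeps the last accepted OTP, never the pass phrase."""

    def __init__(self, seed: str, count: int, last_otp: bytes):
        self.seed, self.count, self.last = seed, count, last_otp

    def challenge(self) -> str:
        # What the login prompt displays: algorithm, next sequence number, seed.
        return f"otp-md5 {self.count - 1} {self.seed}"

    def verify(self, response: bytes) -> bool:
        if self.count <= 0:          # chain used up: re-initialise out of band
            return False
        if not hmac.compare_digest(fold_md5(response), self.last):
            return False             # wrong, or a replay of an earlier password
        self.last, self.count = response, self.count - 1
        return True


def demo() -> list:
    # Constructed sample values, not taken from the thread.
    seed, phrase = "fw0142", "constructed pass phrase"
    server = Verifier(seed, 100, otp(phrase, seed, 100))   # set up once
    prompt = server.challenge()
    n = int(prompt.split()[1])
    answer = otp(phrase, seed, n)          # computed off-box by the admin
    return [prompt, server.verify(answer), server.verify(answer), server.challenge()]


if __name__ == "__main__":
    print(demo())
```

The second `verify` call in `demo` replays the same password and is rejected, because hashing it no longer yields the value the server now stores.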