Firewall Wizards mailing list archives
RE: secure ID token based authentication
From: Prashant Desai <prashant_secret () yahoo com>
Date: Mon, 27 Jan 2003 21:58:18 -0800 (PST)
Hi Andrew thanks a lot for all the info , but if could provide this in more details then it would really help as m newbiw to all these auth stuff , even some pointers on this will help , i tried searching google but m not getting the results which precisely i want to pls send me some more info in more details regards Prashant --- "Kalat, Andrew (ISS Atlanta)" <akalat () iss net> wrote:
Sure, you can do this a couple of ways. For Solaris you can install the SD client which includes a new shell. In essence, the person invokes the SDshell on login, and it will prompt for the passcode. After proper auth, it'll pass them to their usual shell as configured in their user account in the ACE server. I *believe* they have a client for linux, but I'm not sure. For Cisco, I recommend going the Tacacs route. Set up something like Cisco's Tacacs server, which has support for SecurID on the back end. Then, you not only can control log in to the cisco boxen using securID, but you can control what commands that particular user can invoke. You can also configure the ace server to listen for tacacs and radius directly, but I'm not a big fan of this. You loose a lot of control and features if you go direct to ACE with tacacs/radius. Let me know if you'd like more details. Andy *Please note, these comments are my own and not that of my employer*
---------------------------------------------------------
Andrew J. Kalat, | Direct:(404)236-2713 MSS Senior Security Engineer | Main: (404)236-2600 Internet Security Systems, Inc. | E-Mail: akalat () iss net 6303 Barfield Road | <http://www.iss.net/> Atlanta, GA 30328 | PGP key available.-----Original Message----- From: Prashant Desai[mailto:prashant_secret () yahoo com]Sent: Saturday, January 25, 2003 2:13 PM To: firewall-wizards () honor icsalabs com Subject: [fw-wiz] secure ID token basedauthenticationHi is any body using the token basedauthenticationusing secure ID and ACE server, i would like to replace /etc/passwd based authentication ofsolaris7,8,9 and few Redhat 7.x boxes with the secure ID token based authetications ,along with the authetication of cisco routers , is this possible ? i search on google alsocheckedout the secure home page but didt got much info , kindly let me know is it possible or not or pointmesome url having info on this regards Prashant __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign upnow. http://mailplus.yahoo.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards __________________________________________________ Do you Yahoo!? Yahoo! Mail Plus - Powerful. Affordable. Sign up now. http://mailplus.yahoo.com _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: secure ID token based authentication, (continued)
- Re: secure ID token based authentication John Keeton (Jan 26)
- Re: secure ID token based authentication ark (Jan 27)
- Re: secure ID token based authentication Mike Scher (Jan 27)
- Re: secure ID token based authentication Luca Berra (Jan 26)
- Message not available
- Re: secure ID token based authentication Luca Berra (Jan 27)
- Re: secure ID token based authentication Ben Nagy (Jan 28)
- Re: secure ID token based authentication ark (Jan 29)
- Message not available
- Re: secure ID token based authentication Ben Nagy (Jan 27)
- RE: secure ID token based authentication Prashant Desai (Jan 28)