| 1 |
Hi Daniel, |
| 2 |
|
| 3 |
Nachricht vom Donnerstag, 19. Juni 2003, 20:41:20: |
| 4 |
|
| 5 |
> Hello, |
| 6 |
|
| 7 |
|
| 8 |
> Are there any efforts made to provide gentoo with alternative way of |
| 9 |
> logging in? |
| 10 |
|
| 11 |
> I am currently researching methods how I can authenticate users |
| 12 |
> within a LAMP-system (Linux Apache Mysql PHP) and I came across One-time passwords. |
| 13 |
|
| 14 |
> There does exist OPIE for Unix, which allows on a software basis to |
| 15 |
> log into the machine with onetime passwords. |
| 16 |
|
| 17 |
> Although it is important to harden the software basis, to provide a |
| 18 |
> secure environment, wouldn't it also be important to also provide a |
| 19 |
> safer means of authenticating the users? |
| 20 |
|
| 21 |
> So, I just wanted to know if there are any research made to provide |
| 22 |
> gentoo with alternative ways of authenticating users, maybe also by |
| 23 |
> smartcards / etokens, ...? |
| 24 |
|
| 25 |
I was thinking about generating time-based passwords (lets say |
| 26 |
md5(now()+"secret")) with a java-enabled cellphone... |
| 27 |
|
| 28 |
|
| 29 |
Timo |
| 30 |
|
| 31 |
|
| 32 |
-- |
| 33 |
gentoo-hardened@g.o mailing list |
Archives