bugzilla-daemon at bugzilla.mindrot.org
2008-Feb-06 05:39 UTC
[Bug 1438] New: Adds an out-of-band challenge (OBC) authentication method ( via kbdint)
https://bugzilla.mindrot.org/show_bug.cgi?id=1438
Summary: Adds an out-of-band challenge (OBC) authentication
method (via kbdint)
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: Linux
Status: NEW
Keywords: patch
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: pgsery at swcp.com
Created an attachment (id=1452)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1452)
Adds an out-of-band challenge (obc) device to kbdint
The out-of-band challenge (OBC) patch creates a kbdint device that
provides a server-based authentication mechanism. The server generates
and emails you a random string when you attempt to login. You're
authenticated if you can correctly answer the challenge.
You can use a regular email account, a pager, cell phone or other email
capable device to receive the challenge. However, by using a physical
device you create a one-time authentication secret completely separate
from your workstation.
OBC can be used in conjunction with the "Multiauth" patch
(https://bugzilla.mindrot.org/show_bug.cgi?id=1435), which allows you
to require two or more authentications for a successful login.
Combining OBC with Multiauth creates two physically separate
authentication factors equivalent to a commercial two-factor token. For
instance, requiring public key and OBC authentications creates
physically separate factors.
See README.obc for configuration and installation information
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jun-13 03:58 UTC
[Bug 1438] Adds an out-of-band challenge (OBC) authentication method (via kbdint)
https://bugzilla.mindrot.org/show_bug.cgi?id=1438
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> 2008-06-13
13:58:00 ---
We don't want to add more kbdint methods - it is better to use a
cross-platform authentication API like PAM or BSD auth.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2008-Jul-22 02:21 UTC
[Bug 1438] Adds an out-of-band challenge (OBC) authentication method (via kbdint)
https://bugzilla.mindrot.org/show_bug.cgi?id=1438
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
--- Comment #2 from Damien Miller <djm at mindrot.org> 2008-07-22
12:21:00 ---
Mass update RESOLVED->CLOSED after release of openssh-5.1
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
Seemingly Similar Threads
- [PATCH] Out-of-band challenge (OBC) authentication method
- [Bug 1439] New: Adds Virtual Token (VToken) authentication method to kbdint
- [Bug 1439] New: Adds Virtual Token (VToken) authentication method to kbdint
- [Bug 1393] New: patch modifies gnome-ssh-askpass to optionally use one-time password
- [PATCH] Virtual Token (VToken) challenge authentication method