search for: multiauth

...wer the challenge. You can use a regular email account, a pager, cell phone or other email capable device to receive the challenge. However, by using a physical device you can receive a one-time authentication secret isolated from your workstation. OBC can be used in conjunction with the "Multiauth" patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1435), to create a two-factor authentication system; Multiauth allows you to require two or more authentications for a successful login. Combining OBC with Multiauth creates two physically separate authentication factors equivalent to a...

I looked around for a while, but couldn't find any code for requiring multiple authentication mechanisms in openssh. So I wrote an implemention. I thought at first I should change the PasswordAuthentication, PubkeyAuthentication, etc. keywords to allow no/yes/required. But there's some funky stuff in auth2.c with respect to keyboard interactive auth that would make this kind of

...the challenge. You can use a regular email account, a pager, cell phone or other email capable device to receive the challenge. However, by using a physical device you create a one-time authentication secret completely separate from your workstation. OBC can be used in conjunction with the "Multiauth" patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1435), which allows you to require two or more authentications for a successful login. Combining OBC with Multiauth creates two physically separate authentication factors equivalent to a commercial two-factor token. For instance, requiring p...

...2 adds a multiple authentication methods option to sshd. I updated the patch to 4.7p1 and added logic to allow it to work with privilege separation. https://bugzilla.mindrot.org/show_bug.cgi?id=1435 -------------- next part -------------- A non-text attachment was scrubbed... Name: openssh-4.7p1-multiauth.patch Type: text/x-patch Size: 7098 bytes Desc: not available Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080202/c709151b/attachment.bin

...l be able to calculate the secrets using brute force). vtoken.c is an example virtual token app. It prompts you for your PIN and calculates the challenge response from the secret, which is embedded in it's source. VToken in it's present form should be used in conjunction with the "Multiauth" patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1435), which allows you to use multiple authentication methods tolog into a machine. You'll want to use Pubkey together with VToken. In the future, VToken will by itself will provide two-factor authentication. The secret will be embe...

...will be able to calculate the secrets using brute force). vtoken.c is an example virtual token app. It prompts you for your PIN and calculates the challenge response from the secret, which is embedded in it's source. VToken in it's present form should be used in conjunction with the "Multiauth" patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1435), which allows you to use multiple authentication methods to log into a machine. You'll want to use Pubkey together with VToken. In the future, VToken will by itself will provide two-factor authentication. The secret will be embedd...

...will be able to calculate the secrets using brute force). vtoken.c is an example virtual token app. It prompts you for your PIN and calculates the challenge response from the secret, which is embedded in it's source. VToken in it's present form should be used in conjunction with the "Multiauth" patch (https://bugzilla.mindrot.org/show_bug.cgi?id=1435), which allows you to use multiple authentication methods to log into a machine. You'll want to use Pubkey together with VToken. In the future, VToken will by itself will provide two-factor authentication. The secret will be embedd...