search for: secureid

Hello to all the Great "crypto" People (... my first time in this list ..) I'm trying to compile openSSH-3.4p1 with the SecureID patch taken from: http://www.omniti.com/~jesus/projects/openssh-3.4p1+SecurID_v1.patch I'm having trouble to compile the patched openSSH over the Cygwin platform. this is probably since there is no cygwin SecureID agent available , so i'm using the linux one (Redhat). does anyone has a solu...

...: "Marcus J. Ranum" <mjr at nfr.com> Cc: Darren Reed <darrenr at reed.wattle.id.au>, Crist Clark <crist.clark at globalstar.com>, <capegeo at opengroup.org>, <firewall-wizards at nfr.net>, <miedaner at twcny.rr.com> Subject: Re: [fw-wiz] SecureID vs Certificates In-Reply-To: <5.0.2.1.2.20010215153231.00a590c0 at fraggle.nfr.com> Errors-To: firewall-wizards-admin at nfr.com X-BeenThere: firewall-wizards at nfr.com X-Mailman-Version: 2.0beta5 Precedence: bulk List-Id: Firewall Wizards Security Mailing List <firewall-wizards.nfr.com&g...

Hi, =20 I=92m looking for inspiration on how to get Samba (setup as a Domain controller)=20 To authenticate its users by AAA products like Safeword from = securecomputing (HYPERLINK "http://www.safeword.com/"www.safeword.com) or RSA SecureID =96 HYPERLINK "http://www.rsa.com/"www.rsa.com=20 =20 Would appreciate responses from you kind folks =20 Rgds Gopal --=20 No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.296 / Virus Database: 265.6.5 - Release Date: 12/26/2004 =20

> | The ACE server has _nothing_ to do with a CA I know . But still there should be some kind of feature to offer "centralized authentication" with no relying on the 2 ssh sides, anyone agree ? (I suggested the ACE for 3 reasons: the team here find it reasonbly o.k - at list by looking in the archives it's quite known it's a good starting point - i think) TIA , Ran Sasson

...it was discussed a few weeks ago. I believe that implementing auth vectors was suggested as a way to achieve this. The reasoning behind the need for partial auth is that there are cases when multiple methods of authentication are required for the user to be successfully authenticated (password and SecureID for example). I just want to find out if there are any active plans for building this, or if there is a decision not to include partial auth in OpenSSH. Thank you, -Dmitry.

I have a few questions: 1) Is OpenSSH 2.9p2 (or any other version of OpenSSH) vulnerable to the same problem as SSH3.0.0? (described here: http://www.kb.cert.org/vuls/id/737451 ) 2) There is a "SECURID" patch in the contrib section since 2.5.2p2. I am using it, but applying this patch to each new version is growing more difficult as time goes on. Would you consider merging this

...files being transferred, and possibly their sizes, has been a requested feature since early 2000 (over six years!!) and I've yet to see any of the developers on this list respond directly. I've found a patch from V?clav Tomec here: http://sweb.cz/v_t_m/ but it includes lots of other stuff (SecureID implementation and a tweak for being able to select allow/deny users for each kind of authentication) which I don't need and don't want to "support". Every file manipulation utility available for the Unix/Linux world provides the ability to log what it is doing, except for scp a...

Some reactions on the thread : Integrating SmartCard in PAM is no problem. Problem I'm facing with for example CryptoCard and SecureID tokens is that those manufacturers refuse to give out any form of information about the internal operation of those tokens. That prevents me from implementing event synchronous mode. The best way to handle this with SSH is probably the way for example Apache and PAM handles those : Using DSO'...

...e terminals without being asked for a password again. It seems that it use the 'same channel' created from the first ssh client. So, it's possible with openssh on linux/bsd? If yes, how? If not, can you add this feature? Why I ask taht? Because it's really annoying when I have a SecureID key, and I must wait 1 minute between login.. When I want to open 10 terms, it will take more than 10 minutes and 30 seconds just to log in. Also, I like to enter the password ONE time. Thanks for your help! E. -- Eric LeBlanc inouk at igt.net -------------------------------------------------- U...

Hello, I was searching the internet for an challenge-response system to authenticate an Openssh session with an hardware token. Now i found this, its very old, so i want to now how's the situation today. I couldn't find much documentation. Re: SSH with SecureID > Is there any documentation I'm missing on how to integrate the two? > We'd love to go with 2-factor authentication, but we want to make > sure our traffic remains encrypted. Any solutions? > >We are doing exactly such thing. I did not want to make mistake of most challe...

I noticed that (perhaps because ':' is invalid in a username) you can say ssh -l user:style host, where the "user:style" is sent by the client, and the server strips the ":style" part off and makes it available as part of the authentication context. It's currently unused. What are the plans for this, if any? I was experimenting with the idea of using it with SRP

Hi All, I havent heard a response back to my previous posts so I am now trying from a "broader" topic. What I have is the following: A 2 Form Factor Token Authentication system similar to RSA SecureID A Linux SAMBA 3.0.14a-Debian I've got the two systems authenticating against each other with RADIUS via PAM support. When I tell SAMBA to use this PAM support as well, I see the following happen: ====== With a known bad password 08:17:17.406519 IP 192.168.0.200.2582 > crypto.radius: RAD...

...sted on AIX4.2 and AIX4.3. The patch is on openssh-1.2.1pre25, with openssl-0.94, using RSAref. 1) authenticate support - this function allows the system to determine authentification. Whatever the system allows for login, authenticate will too. It doesn't matter whether it is AFS, DFS, SecureID, local. 2) loginsuccess - this function will log to /etc/security/lastlog as well as clear the failed logins. 3) loginfailed - this function will increase the number of failed logins and update /etc/security/lastlog and /etc/security/failedlogins. 4) loginrestrictions - this function will...

I''d like to hear some suggestions about securely administering a system remotely. Here''s the application: a project is going to scatter some server machines around the US. The server machines will be running Linux, with the only network servers being a custom application. Ignoring the separate question of physical security, how can I remotely check the system''s