similar to: challenge-response token

Hello, I was searching the internet for an challenge-response system to authenticate an Openssh session with an hardware token. Now i found this, its very old, so i want to now how's the situation today. I couldn't find much documentation. Re: SSH with SecureID > Is there any documentation I'm missing on how to integrate the two? > We'd love to go with 2-factor

Hello , I have bought a cryptocard and i want to make it work openssh, now I need to initialize my token, install the cryptocard patch ( http://projects.jdimedia.nl/files/openssh-cryptocard.patch). The patch reads it's data from a file I've heard that some users made a conversion script from the CryptoADMIN server export to a crypto users file that the patch want. Is there anybody who can

Hi, I had a contractor write a patch to allow CryptoCard support in OpenSSH. It works with portable openssh-2.1.1p4, and it was posted to the SSH mailing lists, but I see that it hasn't been included in the openssh-2.2.0p1 release. Would it be possible to include this patch in the official release? The reason why I ask is because it will not be difficult to do that, it will support the

Greetings all, I'm working on attempting to get SAMBA to work with a product line called CryptoCard. I *should* be able to get it to work one of two ways, either through the use of CryptoCard's provided PAM module, or through RADIUS authentication. Currently, I cannot seem to get PAM authentication to work at all. This is what is in the 'samba' file for PAM: auth

All; I have a situation that I'm not sure can be done (I honestly don't know enough about Samba for this one). Here's what I have. The customer has a Windows ADS (note: It's the newer windows ADS, so there is no NT Domain as in the old NT format). There are also a number of *nix servers (AIX) that have data on them. They want to use Samba as basically, an NFS server to serve

Hi, this is merely FYI, but i would appreciate if someone had any comments or further information on the topic. We were using the following setup : cryptocard easyradius with RB-1 hardware tokens (hex or decimal display, synchronous (quicklog) mode) f-secure ssh with pam radius authentication This worked fine until we updated to openssh 2.9p2. Then all authentications where the response

Hello all, during tests of my SecurID patch I found a small mistake (maybe) in initialization of kbd-int devices. When kbdintctxt->device->init_ctx(authctxt) returns NULL whole challenge response authentication is stopped regardless availability of next devices. Small patch solving this situation is attached. ____________________________________________________________ Vyzkou?ejte pohodl?

SSH server specs: ----------------------- Redhat Linux 6.2 Custom built 2.2.17 kernel OpenSSL 0.9.5a (update from RedHat). OpenSSH 2.5.1p1 I am using my Linux box as an Internet gateway. I wanted to keep the box as secure as possible while still having the functionality I needed. The only way to connect to my server is through SSH. A fair majority of the time I am attempting to

Hello all, I looked long and hard for SecurID support for OpenSSH and I have not found it. So, I spent a few hours today and added SecurID authentication support into OpenSSH. Specifically the 2.2.0p1 portability release. I have beat on it for several hours and it seems to work just fine. I don't know if anyone would find these patches useful or not... I also don't know if the

I read the thread on securid back in march. openssh doesn't support it because it's propriatary, right? I understand that, however I've still got a problem. Work use securid *exclusively* using ssh2. It uses an authentication protocol of securid-1 at ssh.com. The client side does *not* need the securid propriatary stuff, no need for the include files or the library. So, given

When comparing SSH 1.2.27 with OpenSSH 2.5.1 I see that the SecurID code/patch is not in OpenSSH 2.5.1. I'm not sure how or why that happened. Upon looking through the OpenSSH 2.5.1 source, I think I could fairly easily provide a 'SecurID Authentication Method' patch (which would rely on -DHAVE_SECURID, -I/blah/securid/include, and -L/blah/securid/lib... /blah/securid being a

Hi, I just finished integrating CryptoCard support in OpenSSH. - Native X9.9 support. Should work with CryptoCard en Secure Computing tokens. This basically gives support for Challenge / Response - Licensed under BSD license I'll put the patch on http://www.jdimedia.nl/igmar/pam, but that wil shorty change to projects.jdimedia.nl. If desired I could also put in on the mail. Let me

> Hello > I complied openssh like this "./configure --with-pam" and I did configure > /etc/pam.conf as follows > # PAM configuration > # > # Authentication management > # > sshd auth required /lib/security/pam_securid.so reserve > sftp auth required /lib/security/pam_securid.so reserve > # > login auth required

I've been through the archive, and not found anything conclusive, except for a problem report of sorts from Theo E. Schlossnag (who has a set of patches for SecurID integration). I'm about to replace some ssh 1.2.26 (I know!) installations with OpenSSH 2.5.1p2, on Solaris 2.6 sparc boxes, and we use SecurID tokens for these boxes. I've compiled up OpenSSH 2.5.1p2 with --with-pam,

I was reading this SecurID patch to openssh-3.1p1, List: openssh-unix-dev Subject: =?iso-8859-2?Q?SecurID=20support=20for=20OpenSSH?= From: =?iso-8859-2?Q?V=E1clav=20Tomec?= <v_t_m at seznam.cz> Date: 2002-03-25 14:53:34 and think I've found a copy bugs, the patch for which is included below. First there's a an #ifdef'd if-statement which applies to

http://bugzilla.mindrot.org/show_bug.cgi?id=966 Summary: Will OpenSSH integrates SecurId ? Product: Portable OpenSSH Version: -current Platform: All OS/Version: Linux Status: NEW Severity: enhancement Priority: P5 Component: sshd AssignedTo: openssh-bugs at mindrot.org ReportedBy:

Hello all, new version of SecurID patch is available on http://sweb.cz/v_t_m/ The new version of the patch is extended with "shared logins" possibility. It means that SecurID token can be used to login to an account shared by several persons. This cannot be solved using ACE server standard means. This patch depends on the AuthSelection patch (http://sweb.cz/v_t_m). After applying

If I were going to do this, I would probably try moving to a Windows 200x AD domain controller, and implementing RSA SecurID on that machine. I have not worked with other OTP solutions. As far as I understand, if Samba is configured as a domain controller, it expects to be able to handle the authentication itself. OTP is , in my opinion, most valuable when you are exposing resources to the

Hi, I would like to do some development on the securid patch to get it to display the passcode prompt when users log in with securid on ssh. Can anyone tell me which scripts currently handle the logon/password prompt in openssh please? Thanks, JS. _________________________________________________________________ Join the world?s largest e-mail service with MSN Hotmail.

I have received many queries as to the status of the SecurID patch for openssh 3.4. I finally found some time in my schedule to port and test. The integrated SecurID patches for OpenSSH version 3.4p1 are now available at the same old place: http://www.omniti.com/~jesus/projects/ The porting effort included moving all auth code to the new privilege separation model. Enjoy. -- Theo