Re: One-Time passwords for regular user accounts?
- From: "Nico Kadel-Garcia" <nkadel@xxxxxxxxxxx>
- Date: Sat, 29 Apr 2006 12:57:39 -0400
Carlos Moreno wrote:
John Thompson wrote:
I wonder if there is a way (a standard way, that is) to setup
one-time passwords for logging in to a Linux box (through SSH).
Search google on "opie" (one-time passwords in everything) and
"S/KEY"
Hmmm... The information seems a bit scarce. But still, from one of
the descriptions I read, it seems to be resistant to sniffing attacks,
and not to key loggers. But using SSH -- which I do -- makes me
already impervious to sniffing.
My concern is that I do not trust the keyboard where I'm typing my
password -- that's why I would like the server to have a list of
passwords ready to use, and as soon as one of them is used, it is
immediately removed from that list.
Am I getting it wrong?
Your concern is reasonable. I've used OPIE and its like in the past, for
off-site modem access. It works rather well, although you do need to keep
your printed list of one-time passwords with you.
.
- Follow-Ups:
- References:
- One-Time passwords for regular user accounts?
- From: Carlos Moreno
- Re: One-Time passwords for regular user accounts?
- From: John Thompson
- Re: One-Time passwords for regular user accounts?
- From: Carlos Moreno
- One-Time passwords for regular user accounts?
- Prev by Date: Re: One-Time passwords for regular user accounts?
- Next by Date: Re: One-Time passwords for regular user accounts?
- Previous by thread: Re: One-Time passwords for regular user accounts?
- Next by thread: Re: One-Time passwords for regular user accounts?
- Index(es):
Relevant Pages
|
