[Noisebridge-discuss] Two factor auth, not SecureID
Matt Peterson
matt at peterson.org
Thu Oct 15 21:45:21 UTC 2009
(Since we have an abundant number of sysadmin/neteng/security folks
here, I though I'd post my question here - apologies if this is off
topic)
I've been asked to setup a two-factor authorization system (not for
the space ;), traditionally most folks go with RSA SecureID. I'm
shying away for this based on horrid outsourced tech support, crufty
Java code (their error reporting leaves much to be desired) and above
market pricing.
It looks like the recent CryptoCard "Blackshield" product is quite
nice - modern code <http://thesecondfactor.blogspot.com/2008/10/tools-of-development.html
>, runs under VMware <http://blackshield.cryptocard.com/index.php/bsid-products/bsid-overview/blackshield-new-25
> (ironically all these systems seem to prefer running under
Windows), and supports the OATH standard (in theory allowing for using
any standards following hardware or software token).
My particular application is AAA against OpenSSH & Apache. It looks
like OpenLDAP can wired into this setup too, which would be great
too. My query is to see which system/tokens folks prefer in a Linux
environment, cost structure and support. Thanks.
--Matt
More information about the Noisebridge-discuss
mailing list