[Bug 1438] New: Adds an out-of-band challenge (OBC) authentication method ( via kbdint)
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Feb 6 16:39:51 EST 2008
https://bugzilla.mindrot.org/show_bug.cgi?id=1438
Summary: Adds an out-of-band challenge (OBC) authentication
method (via kbdint)
Classification: Unclassified
Product: Portable OpenSSH
Version: 4.7p1
Platform: All
OS/Version: Linux
Status: NEW
Keywords: patch
Severity: normal
Priority: P2
Component: sshd
AssignedTo: bitbucket at mindrot.org
ReportedBy: pgsery at swcp.com
Created an attachment (id=1452)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=1452)
Adds an out-of-band challenge (obc) device to kbdint
The out-of-band challenge (OBC) patch creates a kbdint device that
provides a server-based authentication mechanism. The server generates
and emails you a random string when you attempt to login. You're
authenticated if you can correctly answer the challenge.
You can use a regular email account, a pager, cell phone or other email
capable device to receive the challenge. However, by using a physical
device you create a one-time authentication secret completely separate
from your workstation.
OBC can be used in conjunction with the "Multiauth" patch
(https://bugzilla.mindrot.org/show_bug.cgi?id=1435), which allows you
to require two or more authentications for a successful login.
Combining OBC with Multiauth creates two physically separate
authentication factors equivalent to a commercial two-factor token. For
instance, requiring public key and OBC authentications creates
physically separate factors.
See README.obc for configuration and installation information
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list