SecurID

Pekka Savola pekkas at netcore.fi
Tue Mar 20 09:02:54 EST 2001


On Mon, 19 Mar 2001, Jeff Blaine wrote:

> When comparing SSH 1.2.27 with OpenSSH 2.5.1 I see that the SecurID
> code/patch is not in OpenSSH 2.5.1.
>
> I'm not sure how or why that happened.
>
> Upon looking through the OpenSSH 2.5.1 source, I think I could fairly
> easily provide a 'SecurID Authentication Method' patch (which would
> rely on -DHAVE_SECURID, -I/blah/securid/include, and
> -L/blah/securid/lib... /blah/securid being a proprietary product
> from Security Dynamics)
>
> I'm not committing to anything yet, but is this something that will
> be welcome if I do it?  ... or shall I just hack the source again
> to turn auth_password into something that does SecurID only for
> our specific needs.  Seems silly.

I think there was a policy decision against n+1 _proprietary_
authentication mechanisms some time ago.  Could be wrong.

-- 
Pekka Savola                  "Tell me of difficulties surmounted,
Netcore Oy                    not those you stumble over and fall"
Systems. Networks. Security.   -- Robert Jordan: A Crown of Swords






More information about the openssh-unix-dev mailing list