challenge-response token
Frank Cusack
fcusack at fcusack.com
Fri Apr 5 06:43:53 EST 2002
On Thu, Apr 04, 2002 at 01:32:33PM +0200, Lourens Bordewijk wrote:
> Hello,
>
> I have to find a solution logon through OpenSSH to OpenBSD machines from
> anywhere in the world (unsave computers). So I think I must use a
> challenge-response system with an hardware token that isn't connected to the
> computer. I do not want to use a RSA ACE/SERVER, so i can't use SecurID ? I
> can't use challenge response mode with cryptocard, because I want to protect
> it against an attacker that can break DES. Is it possible to use ActivCard
> with OpenSSH and OpenBSD ? Are there other solutions ?
So use synchronous mode with cryptocard.
Or yes, you can use activcard. You will have to use their server
(sounds like you don't want to do that) or buy their dev kit which is
a bit pricy and then write a lot of code.
/fc
More information about the openssh-unix-dev
mailing list