two factor authentication
David Leonard
David.Leonard at quest.com
Tue Jul 25 11:44:29 EST 2006
Frank Cusack wrote:
> On July 24, 2006 8:57:32 PM +0000 Jefferson Ogata <Jefferson.Ogata at noaa.gov> wrote:
>
>> And the patches were what I was drawing attention to. But since sshd is
>> largely about strong authentication, it would be nice to see it natively
>> support per-user configuration of multiple required authentication methods.
>>
>
> I definitely agree with that!
>
I'm all for multiple-auth in sshd, but the current impl appears to
conflict with an obscure feature of RFC4462 that I have been trying to
implement, namely where the username field can start off blank and the
server deduces the username from the credentials. Has anyone else looked
at this? sshd currently rejects connections when the username field
changes between separate auth attempts.
d
More information about the openssh-unix-dev
mailing list