OpenSSH daemon security bug?
Paul
pgsery at swcp.com
Wed Jan 6 15:35:29 EST 2010
You might want to check out pamobc at
http://sourceforge.net/projects/pamobc. pamobc provides sshd with an
out-of-band challenge-response authentication mechanism delivers
one-time passwords through any user-land mechanism of your choice (i.e.,
email, pager, cell phone, etc). The one-time pwds can optionally be
encrypted to create a two-factor authentication mechanism.
Damien Miller wrote:
> On Tue, 5 Jan 2010, Davi Diaz wrote:
>
>
>> Unfortunately we can not configure sshd to require both
>> account-password and key authentication to be able to login. That
>> maybe would help to solve the key management risk because at least we
>> could automate the check to force the use of strong account-passwords
>> in our policy security.
>>
>
> Watch activity on https://bugzilla.mindrot.org/show_bug.cgi?id=983 if
> you are interested in progress on this feature.
>
> -d
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
More information about the openssh-unix-dev
mailing list