SSH multi factor authentication
Bruce F Bading
badingb at us.ibm.com
Mon Jul 4 12:19:43 AEST 2016
There has been some good discussion around our IBM security team as to what
actually constitutes SSH multi factor authentication. There are 2 options
being discussed.
One, the Google Authenticator (OTP authentication).
Two, Public/Private key authentication (pubkeyauthentication = yes) which
supports pass phrase private key authentication.
Which of these is considered multi-factor authentication and can you give a
brief response? There are different opinions here and your opinion is
greatly appreciated.
Sincerely,
Bruce F. Bading
Senior Security Consultant
IBM Systems and Technology Group
830-237-6851
badingb at us.ibm.com
member ISACA since 1985
"United We Stand"
For those with risk, your time to remediate is today.
For those who have been breached, your time to remediate was yesterday!
More information about the openssh-unix-dev
mailing list