[kwlug-disc] Tightening up SSH

Andrew Kohlsmith (mailing lists account) aklists at mixdown.ca
Tue Jul 20 10:36:29 EDT 2010

On Tuesday, July 20, 2010 10:32:15 am Adam Glauser wrote:
> > Are there hooks in the ssh protocol (and in Ubuntu) to receive a
> > challenge from the remote and display it to the user, gathering a
> > response and sending it back?
> This seems to be what the YubiKey that Chris mentioned upthread is
> trying to do.  He says there is supposed to be a PAM module available.
> It claims it is better than a one-time pad, and to not require a
> challenge/response, though I haven't had time to figure out how it works
> exactly.

I read about the Yubikey after seeing the link here... it sounds almost 
perfect, but the site says that the key itself does not have any 
challenge/response mechanism.

I understand that the server/client have a challenge/response (server asking 
client for Yubi passphrase, client obtaining it from the key and responding to 
server with it)... I'm gonna dig around some more... I'm liking this.


More information about the kwlug-disc mailing list