[kwlug-disc] Tightening up SSH
Andrew Kohlsmith (mailing lists account)
aklists at mixdown.ca
Tue Jul 20 10:36:29 EDT 2010
On Tuesday, July 20, 2010 10:32:15 am Adam Glauser wrote:
> > Are there hooks in the ssh protocol (and in Ubuntu) to receive a
> > challenge from the remote and display it to the user, gathering a
> > response and sending it back?
>
> This seems to be what the YubiKey that Chris mentioned upthread is
> trying to do. He says there is supposed to be a PAM module available.
> It claims it is better than a one-time pad, and to not require a
> challenge/response, though I haven't had time to figure out how it works
> exactly.
I read about the Yubikey after seeing the link here... it sounds almost
perfect, but the site says that the key itself does not have any
challenge/response mechanism.
I understand that the server/client have a challenge/response (server asking
client for Yubi passphrase, client obtaining it from the key and responding to
server with it)... I'm gonna dig around some more... I'm liking this.
-A.
More information about the kwlug-disc
mailing list