[lug] Attacks Intensifying
Lee Woodworth
blug-mail at duboulder.com
Thu Oct 28 15:12:58 MDT 2004
I haven't looked for OTP funcionality with openssh. I recall seeing
settings related to s/key for sshd. I don't know if that can be
configured as an additional authentication requirement (e.g. in addition
to a public key).
Jani Averbach wrote:
> On 2004-10-28 13:06-0600, Lee Woodworth wrote:
>
>>Unless you have the requirement that users can SSH from anywhere,
>>blocking attackers is opposite of recommended security policy:
>> specifically allow known sources, deny all others.
>>
>>My file exchange server requires users to have keys, no passwords
>>allowed. It looks to me that the time I spent setting up user keys and
>>allowing their addresses is less than the time you are going to spend on
>>blocking attackers.
>>
>
>
> Well, I need an access from everywhere and morever, time to time, I
> have to use one time passwords.
>
> So do you know if it is possible to make a system where entry level
> check is done with public keys, and after that actual access is granted by
> OTPW?
>
> Br, Jani
>
More information about the LUG
mailing list