RE: [fw-wiz] secure ID token based authentication

From: Prashant Desai (prashant_secret@yahoo.com)
Date: 01/28/03 

From: Prashant Desai <prashant_secret@yahoo.com>
To: "Kalat, Andrew (ISS Atlanta)" <akalat@iss.net>, firewall-wizards@honor.icsalabs.com
Date: Tue Jan 28 10:28:19 2003

Hi Andrew

  thanks a lot for all the info , but if could provide
this in more details then it would really help as m
newbiw to all these auth stuff , even some pointers on
this will help , i tried searching google but m not
getting the results which precisely i want to pls send
me some more info in more details

regards
Prashant
--- "Kalat, Andrew (ISS Atlanta)" <akalat@iss.net>
wrote:
> Sure, you can do this a couple of ways.
> For Solaris you can install the SD client which
> includes a new shell. In
> essence, the person invokes the SDshell on login,
> and it will prompt for
> the passcode. After proper auth, it'll pass them to
> their usual shell as
> configured in their user account in the ACE server.
>
> I *believe* they have a client for linux, but I'm
> not sure.
>
> For Cisco, I recommend going the Tacacs route. Set
> up something like
> Cisco's Tacacs server, which has support for SecurID
> on the back end.
> Then, you not only can control log in to the cisco
> boxen using securID,
> but you can control what commands that particular
> user can invoke. You
> can also configure the ace server to listen for
> tacacs and radius
> directly, but I'm not a big fan of this. You loose a
> lot of control and
> features if you go direct to ACE with tacacs/radius.
>
>
> Let me know if you'd like more details.
> Andy
>
> *Please note, these comments are my own and not that
> of my employer*
>
>
>
---------------------------------------------------------
> Andrew J. Kalat, |
> Direct:(404)236-2713
> MSS Senior Security Engineer | Main:
> (404)236-2600
> Internet Security Systems, Inc. | E-Mail:
> akalat@iss.net
> 6303 Barfield Road | <http://www.iss.net/>
> Atlanta, GA 30328 | PGP key available.
>
>
>
>
> > -----Original Message-----
> > From: Prashant Desai
> [mailto:prashant_secret@yahoo.com]
> > Sent: Saturday, January 25, 2003 2:13 PM
> > To: firewall-wizards@honor.icsalabs.com
> > Subject: [fw-wiz] secure ID token based
> authentication
> >
> >
> > Hi
> >
> > is any body using the token based
> authentication
> > using secure ID and ACE server, i would like to
> > replace /etc/passwd based authentication of
> solaris
> > 7,8,9 and few Redhat 7.x boxes with the secure ID
> > token based authetications ,along with the
> > authetication of cisco routers ,
> >
> > is this possible ? i search on google also
> checked
> > out the secure home page but didt got much info ,
> > kindly let me know is it possible or not or point
> me
> > some url having info on this
> >
> > regards
> > Prashant
> >
> > __________________________________________________
> > Do you Yahoo!?
> > Yahoo! Mail Plus - Powerful. Affordable. Sign up
> now.
> http://mailplus.yahoo.com
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
>
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
>
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com