Re: s/key authentication for Apache on FreeBSD?
From: Brett Glass (brett_at_lariat.org)
Date: 12/10/03
- Previous message: Mark Murray: "Re: s/key authentication for Apache on FreeBSD?"
- Maybe in reply to: Brett Glass: "s/key authentication for Apache on FreeBSD?"
- Next in thread: bruce_at_nikkel.com: "Re: s/key authentication for Apache on FreeBSD?"
- Reply: bruce_at_nikkel.com: "Re: s/key authentication for Apache on FreeBSD?"
- Reply: James Welcher: "Re: s/key authentication for Apache on FreeBSD?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 10 Dec 2003 12:48:24 -0700 To: Kyle Amon <amonk@gnutec.com>
At 07:39 AM 12/10/2003, Kyle Amon wrote:
>It sounds like you're going all crazy here.
It does?
> Unfortunately, what you've
>written to describe your requirement is not very precise. Assuming you
>are not concerned about "keystroke loggers"
You must have misunderstood my message: This is EXACTLY what the owner is
concerned about. Encrypting the content is not as important as preventing
unfettered future access via a password stolen by sniffing either the
network or the keyboard. Thus, SSL -- while it might be nice -- is optional.
What's needed is one-time passwords for "basic" authentication in Apache.
--Brett Glass
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Mark Murray: "Re: s/key authentication for Apache on FreeBSD?"
- Maybe in reply to: Brett Glass: "s/key authentication for Apache on FreeBSD?"
- Next in thread: bruce_at_nikkel.com: "Re: s/key authentication for Apache on FreeBSD?"
- Reply: bruce_at_nikkel.com: "Re: s/key authentication for Apache on FreeBSD?"
- Reply: James Welcher: "Re: s/key authentication for Apache on FreeBSD?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
