Re: PAM & RSA (SuSE Linux+OpenSSH)



Thanks...

Novell SLES 9 is the OS installed in our servers. As a security officer,
I try to implement the Common Criteria EAL4+ procedure
(http://www.bsi.bund.de/zertifiz/zert/reporte/0256b.pdf and
http://www.bsi.bund.de/zertifiz/zert/reporte/0256a.pdf) in these
servers. It is necessary the use of audit program on the servers. They
recommend the combination of PAM_LAUS and AUDIT. The system managers use
the RSA authentication against the servers.


Darren Tucker wrote:
> On Sat, Jan 14, 2006 at 04:39:06PM +0100, Juan C. Sanchez-DelBarrio wrote:
>
>>pam_rsa, it's only a name example. My intention is to use the id_rsa
>>(RSA Authentication) through LibPAM.
>
>
> You want to modify sshd so that RSAAuthentication is done via PAM calls?
> If so that would not be easy and would require modification to the PAM
> implementation as well as sshd. See:
> https://www.redhat.com/archives/pam-list/2005-October/msg00069.html
>
> Anyway, that only explains what you want to do and not why you want to
> do it. What advantage over sshd's native authentication would you get?
>