Requiring multiple authentication
- From: Jeff Simmons <jsimmons@xxxxxxxxxxxxxxx>
- Date: Thu, 11 Sep 2008 17:09:42 -0700
A while back (March) I was sent the below reply, which contained references to
patches to OpenSSH 4.7p1 that require multiple authentication. Are there any
similar patches to 4.8 and/or 5.1? And is there any chance of something
similar making it into the standard OpenSSH distribution? The first of these
patches saved me much grief when dealing with PCI-DSS (Payment Card Industry
Data Security Standards).
Jeff Simmons wrote:
While doing a bit of research, I've found some historic attempts to requirehttps://bugzilla.mindrot.org/show_bug.cgi?id=983 forces you to use both
multiple authentication in sshd (i.e. both public/private key and
login/password). Is there any way to get this working in the current ssh
distribution, specifically in up to date stable OpenBSD?
Thanks for any assistance, even a no, we don't do that.
public key and password authentication.
https://bugzilla.mindrot.org/show_bug.cgi?id=1435 allows you to specify
2 or more methods.
The patches are made against portable 4.7p1 but I imagine should be
relatively easy to adapt to openBSD.
Jeff Simmons jsimmons@xxxxxxxxxxxxxxx
Simmons Consulting - Network Engineering, Administration, Security
"You guys, I don't hear any noise. Are you sure you're doing it right?"
-- My Life With The Thrill Kill Kult
- Prev by Date: Re: Hostbased auth for root only
- Next by Date: OpenSSH appends IP address/hostname to username
- Previous by thread: Hostbased auth for root only
- Next by thread: OpenSSH appends IP address/hostname to username