Re: RSA SecureID on SolarisFrom: Doug Hughes (doug@Eng.Auburn.EDU)
- Previous message: Myers, Mike: "RE: Disabling Unnecessary Services from inetd.conf File"
- In reply to: adam morley: "RSA SecureID on Solaris"
- Next in thread: Doug Hughes: "Re: RSA SecureID on Solaris"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 8 Apr 2002 09:50:36 -0500 (CDT) From: Doug Hughes <doug@Eng.Auburn.EDU> To: adam morley <firstname.lastname@example.org>
On Sat, 6 Apr 2002, adam morley wrote:
> Is anyone using these to authenticate users on Solaris? Can they be easily integrated into dtlogin, apache, etc.? Perhaps with pam in some way?
> Has anyone looked into how "secure" they are? Can one guess the number on the display, perhaps based on the serial on the back?
> For those of you who do run them, have you replaced the password with the securid random + pin number? Or done something else?
Yes, it works, and there are hooks in datafellows ssh, openssh, and pam
to support securid authentication. Personally, I prefer pam and there
are several free pam modules that will let you do securid authentication.
I ported Wyman Miles pam_securid from redhat to Solaris in November of
last year, and it works just fine (a couple of minor changes, and
some include file differences). (This is one of several different
versions of pam modules that you could use).