Re: Challenge/response authentication



"JN" == Jacob Nevins <jacobn@xxxxxxxxxxxxxxxxxxxxxx> writes:

JN> So, to use a particular form of challenge-response authentication
JN> (such as S/Key), all you need to do is configure the server to use
JN> it as a backend (a process I know little about, but I wouldn't be
JN> surprised if PAM is involved in many cases), and any client
JN> implementing the above methods will be able to use it.

Yes; with OpenSSH, set UsePAM=yes and configure the PAM stack for ssh
(often /etc/pam.d/ssh) to perform the desired authentication method, e.g.:

auth required pam_opie.so

--
Richard Silverman
res@xxxxxxxx

.