Doing certain classes of work one has to satisfy e.g. banking due diligence, which tends to be stronger than ordinary cluster due diligence. One aspect of that security (generally required, quite independent of whether or not it really increases security) is "strong authentication", currently held to be multifactor authentication, e.g. SSH keys AND a one-time password, a password AND biometrics, etc.
I've got a possible gig set up that may need this and have been investigating the OTP devices for cost and linux capability. The cost seems generally to be "high", and while there are a few that are up-front linux capable, it seems to be really difficult to find a company that will just sell you a key generator at (say) $10 a pop and give you a matching piece of software to run on your linux server. There are a couple of possible exceptions to pursue in addition to the e.g. RSA-like solutions with their enormous cost, but I thought I'd throw it out to the group here too. Is there a straightforward low-cost way to generate OTP's without ten thousand dollar server software packages? rgb Robert G. Brown http://www.phy.duke.edu/~rgb/ Duke University Dept. of Physics, Box 90305 Durham, N.C. 27708-0305 Phone: 1-919-660-2567 Fax: 919-660-2525 email:[email protected] _______________________________________________ Beowulf mailing list, [email protected] To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
