Yeah, I guess it's not really cloud specific, other than the idea that it's for remote systems that are in networks I don't control, and it needs to be a setup that is easily replicated/deployed...you know, like an AWS instance, or such ;)
I had looked around for a pam module for the google auth not terribly long ago and didn't find anything that was outside of alpha-level stuff. Brian On Fri, Jan 28, 2011 at 6:36 PM, Jeremy Katz <[email protected]>wrote: > Right, the AWS two factor auth is just for access to their stuff and > not at all related to instance auth. > > You basically want anything that can be used for two factor auth in > Fedora? The Yubikeys should work (http://www.yubico.com/yubikey) and > I also vaguely remember that Google released a library with a pam > module for their two factor auth a few months ago although I'm not > finding a link to it in a quick check > > - Jeremy > > On Fri, Jan 28, 2011 at 4:42 PM, Brian LaMere > <[email protected]> wrote: > > Anyone have luck setting up two-factor auth for Fedora in "the Cloud" - > > preferably, at AWS? Yes, I got one of the token generators discussed > > at http://aws.amazon.com/mfa/ > > However, those only appear to help with authentication to (per the faq): > > > > Secure pages on the AWS Portal (http://aws.amazon.com) > > AWS Management Console (https://console.aws.amazon.com) > > > > What if I need to multi-factor auth to the instances themselves? Anyone > > know if there's a service out there that does this for Fedora (or RedHat, > > which can easily be made to work for...) instances in the "cloud?" > > I'm used to doing this locally and then making the remote systems only > allow > > access via a limited number of machines (which themselves do 2-factor). > I'm > > now in a situation though with every workstation being outside the trust > > zone completely, VPN not being something that could change that (too many > > details...), and thus needing to accomplish the 2-factor in the cloud > > itself. Most of the results from "two factor authentication cloud" I get > > are about cloud-based providers authenticating the local > machines...versus > > what I need, which is a service that I can auth cloud-based machines > against > > for the second factor. I know of many industries that would *have* to > have > > a 2-factor solution to use cloud instances, so surely my google-fu is > just > > not working...anyone gone down this road themselves yet? > > Brian > > _______________________________________________ > > cloud mailing list > > [email protected] > > https://admin.fedoraproject.org/mailman/listinfo/cloud > > > > > _______________________________________________ > cloud mailing list > [email protected] > https://admin.fedoraproject.org/mailman/listinfo/cloud >
_______________________________________________ cloud mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/cloud
