1999-12-08-14:56:15 Morse, Michael H.:
> Anybody have a terminal server authenticating with SecurID?
Two jobs ago, we did. It was a Cisco 2511, and as I recall it was setup to use
TACACS for auth, and we had software on a Sun from Security Dynamics to do
TACACS protocol for SecurID.
> What we'd like is a box that folks could connect with PPP, but would require
> they input their SecurID number [...]
Yup, that's how it worked.
> (probably in a terminal window after the modems connect).
That would be up to the dialin software. When the answering modem connected,
users got a prompt --- as I recall it was "Username: ", but it's been some
years now --- and entered a login id; then they got a password prompt of some
sort and there they entered their SecurID PIN# and the number off the token,
and then PPP could negotiate.
So when I did this, it was with a simple expect script that used "interact" to
let me enter my auth creds, then fired up pppd. I've no idea what other ppp
dialin setups might offer.
-Bennett
PGP signature
