----- Original Message ----- From: "Ray Strode" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, May 27, 2002 3:45 AM Subject: Re: [luau] Linux POS/Cash Register Terminal Image
> > 1) Will any client side authentication be desired? If so, what should > > the client authenticate against? > What do you mean by client-side authentication? Like have to > authenticate to the POS locally and then login in again remotely? I > don't think that would be necessary. Would be confusing, too. Warren > what do you think? We were thinking about putting a unique DSA private key (without a passphrase) onto each flash disk. That would be the unique identifier for each cash register, using DSA private/public authentication for the login into an SSH account on the server. This should work out great because it would be nearly impossible to spoof, and cash registers cannot accidentally log into the wrong SSH account. For further control we could tie the SSH account and keypair to a static IP address (also embedded in the flash disk). Perhaps we could also have the server enforce logins from that IP, account and keypair only from a certain MAC address.
