Re: RSA SecurID soft tokens under FreeBSD
On Fri, 1 Jun 2007 13:15:22 -0400
[EMAIL PROTECTED] wrote:
I'm
interested in monitoring RSA SecureID using Nagios.
Hi Mark,
what do you mean by monitoring SecureID ? you mean, to monitor auth failures
/ successess? performance of the related services?
I would say it's a matter of knowing how the information is presented by RSA's
software, and then having Nagios monitor that...
_
{Beto|Norberto|Numard} Meijome
Always listen to experts. They'll tell you what can't be done, and why.
Then do it.
Robert A. Heinlein
I speak for myself, not my employer. Contents may be hot. Slippery when wet.
Reading disclaimers makes you go blind. Writing them is worse. You have been
Warned.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: RSA SecurID Pam Module Support?
We have recently purchased an RSA SecurID Appliance and there are no native libraries for *BSD OS's. I have downloaded and installed the appropriate files within the Linux Compat environment, but I'm not having any success making it work. Specifically, the key file in question is /compat/linux/lib/pam_securid.so. When I add the appropriate configuration line to /etc/pam.d/sshd and attempt to log in I get the following: May 3 09:43:01 ad-mon01 sshd[30508]: in openpam_load_module(): no /compat/linux/lib/pam_securid.so found May 3 09:43:01 ad-mon01 sshd[30508]: fatal: PAM: initialisation failed Of course, the file actually does exist. -rwxr-xr-x 1 1047 900 895304 May 2 11:13 /compat/linux/lib/pam_securid.so Has anyone had any success getting this .so to work under FreeBSD, specifically 6.2 Release? Hi Michael, We're also running some RSA SecurID Appliances. Since we need the support from RSA and that FreeBSD is not listed in their supported OS matrix, we decided to use RedHat for the front-end HTTP servers to run their module. All the rest of our business application that requires RSA authentication is running under FreeBSD. IMHO you should only use an RSA supported OS to run their module. Because otherwise you won't receive any help from them if they know you're running this under FreeBSD. Sad, but unfortunately true. Good luck, David -- David Robillard UNIX systems administrator Oracle DBA CISSP, RHCE Sun Certified Security Administrator Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: RSA SecurID Pam Module Support?
Michael K. Smith - Adhost wrote: Hello All: We have recently purchased an RSA SecurID Appliance and there are no native libraries for *BSD OS's. I have downloaded and installed the appropriate files within the Linux Compat environment, but I'm not having any success making it work. Specifically, the key file in question is /compat/linux/lib/pam_securid.so. When I add the appropriate configuration line to /etc/pam.d/sshd and attempt to log in I get the following: May 3 09:43:01 ad-mon01 sshd[30508]: in openpam_load_module(): no /compat/linux/lib/pam_securid.so found May 3 09:43:01 ad-mon01 sshd[30508]: fatal: PAM: initialisation failed Of course, the file actually does exist. -rwxr-xr-x 1 1047 900 895304 May 2 11:13 /compat/linux/lib/pam_securid.so Has anyone had any success getting this .so to work under FreeBSD, specifically 6.2 Release? The last time i tried this i had no luck (2 or 3 years ago, i forget now) I was trying to authenticate against ACE server rather than a Appliance and finally ended up using pam_radius and using the ACE server as a radius server which worked pretty well. good luck, Vince Regards and Thanks, Mike ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: RSA SecurID soft tokens under FreeBSD
Hi, Does anyone use RSA SecurID soft tokens under FreeBSD? I'm writing a end-to-end monitoring app and will be needing to authenticate using SecurID, and have come up pretty empty-handed in my search for more info. Thanks, Marcus Hi Marcus, We're using Nagios to monitor our RSA SecureID websites. Nagios is in the FreeBSD ports as net-mgmt/nagios. Basically, it's just a simple perl script wrapped into Nagios. It works very well. Let me know if you need more info. Cheers, David -- David Robillard CISSP, RHCE, SCSA Montreal: +1 514 966 0122 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: RSA SecurID
Yes. Starting with just login authentication, then eventually, if I can figure out how, for web page authentication. I saw that RSA has an addon for Apache, but you have to buy their $5000 server to support it. But logins are the first priority. Thanks, --Brian are you looking to use the fob's (lcd number generator) for login authentication? Hi all. I've searched in the archives and found nothing on this newer then 2001...so any help would be appreciated. I'm looking to find a way to support RSA's SecurIDs on FreeBSD. There was something mentioned back in March of 2001 on the topic, but that's all I could find. Could someone please tell me if this is possible, and if it is, where to look for more info? Thanks, --Brian McCann Do a google search for pam_securid. It's a pam module which allows you to use the secureid fob for login. -- dax To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: RSA SecurID
I would think its possible as we just use hyperterminal to login to our RSA server at work. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Brian McCann Sent: Thursday, January 16, 2003 7:52 PM To: [EMAIL PROTECTED] Subject: RSA SecurID Hi all. I've searched in the archives and found nothing on this newer then 2001...so any help would be appreciated. I'm looking to find a way to support RSA's SecurIDs on FreeBSD. There was something mentioned back in March of 2001 on the topic, but that's all I could find. Could someone please tell me if this is possible, and if it is, where to look for more info? Thanks, --Brian McCann To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: RSA SecurID
Yes. Starting with just login authentication, then eventually, if I can figure out how, for web page authentication. I saw that RSA has an addon for Apache, but you have to buy their $5000 server to support it. But logins are the first priority. Thanks, --Brian -Original Message- From: Dax Eckenberg [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 16, 2003 11:55 PM To: Brian McCann Subject: Re: RSA SecurID are you looking to use the fob's (lcd number generator) for login authentication? - Original Message - From: Brian McCann [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, January 16, 2003 5:51 PM Subject: RSA SecurID Hi all. I've searched in the archives and found nothing on this newer then 2001...so any help would be appreciated. I'm looking to find a way to support RSA's SecurIDs on FreeBSD. There was something mentioned back in March of 2001 on the topic, but that's all I could find. Could someone please tell me if this is possible, and if it is, where to look for more info? Thanks, --Brian McCann To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
