On Thu, Jul 9, 2015, at 11:15, Lev Serebryakov wrote:
Does somebody succeed to setup FreeBSD for usage with Yubikey NEO
token without Yubico authentication service, with OATH-HOTP?
What have you tried so far? I don't do the offline auth, but this seems
to be documented well in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Does somebody succeed to setup FreeBSD for usage with Yubikey NEO
token without Yubico authentication service, with OATH-HOTP?
- --
// Lev Serebryakov
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (MingW32)
Hi,
On 9 July 2015 at 09:15, Lev Serebryakov l...@freebsd.org wrote:
Does somebody succeed to setup FreeBSD for usage with Yubikey NEO
token without Yubico authentication service, with OATH-HOTP?
I don't have the neo but it works, at least, with openssh.
See comments in this blog post:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 09.07.2015 19:20, Mark Felder wrote:
Does somebody succeed to setup FreeBSD for usage with Yubikey
NEO token without Yubico authentication service, with OATH-HOTP?
What have you tried so far? I don't do the offline auth, but this
seems
On Thu, Jul 9, 2015, at 13:05, Lev Serebryakov wrote:
`security/pam_ssh_agent_auth' installs PAM module
(pam_ssh_agent_auth.so) into `${LOCALBASE}/lib', but
`security/pam_yubico' and `security/oath-toolkit' install PAM modules
into `${LOCALBASE}/lib/security'.
And, by default on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
=
FreeBSD-SA-15:12.opensslSecurity Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
`security/pam_ssh_agent_auth' installs PAM module
(pam_ssh_agent_auth.so) into `${LOCALBASE}/lib', but
`security/pam_yubico' and `security/oath-toolkit' install PAM modules
into `${LOCALBASE}/lib/security'.
And, by default on 10-STABLE, modules
I use security/duo with Yubikeys configured as the token all over the
place. It works flawlessly with sudo, su, openssh-portable, and the OS
openssh.
https://svnweb.freebsd.org/ports/head/security/duo/
On Thu, Jul 9, 2015 at 12:15 PM, Lev Serebryakov l...@freebsd.org wrote:
-BEGIN PGP
On Wed, 8 Jul 2015 12:49:12 -0500, Mark Felder wrote:
No workaround is available, but only systems that are manually
configured to enable DNSSEC validation are affected. would be a
reasonable statement.
Agreed. DNSSEC may become mandatory, and while surely 'best practice',
it's not yet
On 2015-Jul-09 17:32:19 +, FreeBSD Security Advisories
security-advisor...@freebsd.org wrote:
NOTE WELL: This issue does not affect earlier FreeBSD releases, including the
supported 8.4, 9.3 and 10.1-RELEASE because the alternative certificate chain
feature was not introduced in these
10 matches
Mail list logo