We are doing exactly such thing. I did not want to make mistake of most
challenge responce systems which run in clear-text on insecure solaris
machines (god knows I seen many of those).
We are using Cryptocard from http://www.cryptocard.com -- the challenge
response system is working over ssh using TIS Authentication. All windows
people have to use SecureCRT since F-Secure windows client does not do
TIS. Unix does it by default (just -o 'TISAuthenticaion yes'). So you get:
63-jkb(nautilus)% ssh proxy
Challenge: 05293424
Enter Response:
We are running the system on FreeBSD and use radius -- so sshd in fact
becomes radius client when it needs to authenticate.
So far everything seem to work just great.
Feel free to ask me in private if you need more details/info. Thanks,
-- yan
On Thu, Oct 14, 1999 at 11:36:18AM -0700, "Roy S. Rapoport" <[EMAIL PROTECTED]> wrote:
>
> Is there any documentation I'm missing on how to integrate the two?
> We'd love to go with 2-factor authentication, but we want to make
> sure our traffic remains encrypted. Any solutions?
>
> -roy
>
> It's All Fun And Games Until Someone Loses an IM
> Roy S. Rapoport / [EMAIL PROTECTED] / 415-252-2215
>
