On 06/30/2013 01:38 PM, Jarrod Johnson wrote: > I'm contemplating a conserver replacement. There is sufficient > functionality I want to add and conserver is a tad inconvenient. > > For authentication, aside from SSL client certs, would support > user/password auth with admin having the option to addiotnally require > TOTP (TOTP support would have the secret encrypted using user password > as key). The TOTP algorithm would be interoperable with the Google > Authenticator mobile app. >
TOTP can already be used in conserver if PAM is enabled and I would hightly recommend sticking with this functionality (via PAM) instead of re-implementing it. Not only does it remove the complexity and work of securely implementing TOTP, it also allows other PAM modules to be used. (Kerberos would be nice if someone is opening a ton of consoles at once.) -- Daniel M. Weeks Systems Programmer Computational Center for Nanotechnology Innovations Rensselaer Polytechnic Institute Troy, NY 12180 518-276-4458 ------------------------------------------------------------------------------ This SF.net email is sponsored by Windows: Build for Windows Store. http://p.sf.net/sfu/windows-dev2dev _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
