Re: Intrusion Update

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, 30 Mar 2009, Damian Myerscough wrote:

> Hello,
>
> What about the use of S/Key (one-time passwords) I think it is possible to
> deploy SSH with S/Key authentication. I haven't look into it that much but it
> could be a possible solution?
>

If someone had my username, password, and ssh key.  How would that prevent
them from getting a otp?

	-Mike

> susmit shannigrahi wrote:
> > > So I'm not quite sure how to 'fix' this problem.  By that I mean, even if
> > > we knew this attack was going to happen I'm not totally sure of a feasible
> > > solution, using only free software, that we could have used to fix it.
> > > Obviously a physical rsa key or the like would have worked but I don't
> > > think we have the manpower nor budget to implement such a system.  So I
> > > ask the list, any ideas?
> >
> > A single use random code/passwd mailed/texted each time one tries to
> > login and invalidated just after use??
> >
> > Basically I am referring to RFC 2289[1]
> >
> > [1]http://www.ietf.org/rfc/rfc2289.txt
> >
> > Thanks.
> >
>
> --
> Regards,
> Damian Myerscough
>
> _______________________________________________
> Fedora-infrastructure-list mailing list
> Fedora-infrastructure-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
>

_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list

[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux