So doing a liitle looking around I cane across some options that look interesting, the following options would mean you need to physically have something to login. yubikey http://www.yubico.com/products/yubikey/ It would require a pam module and for us to setup a server for managing keys. it looks to be fairly low cost. it would implement a 2 facter authentication. etoken http://www.aladdin.com/etoken/devices/pro-usb.aspx it moves the public key from your hard drive to something you physically need to have ubikey is max USD$25 where the etoken is probably at least USD$30. I would think that with yubikey we could work out a deal with them to get a discount in return for us being a case study/prominent user of there product. all of the software for yubikey AFAICT is open source. some of it would require packaging. Dennis _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
