> Date: Mon, 30 Mar 2009 12:57:23 -0500 > From: Dennis Gilmore <dennis@xxxxxxxx> > Reply-To: Fedora Infrastructure <fedora-infrastructure-list@xxxxxxxxxx> > To: Fedora Infrastructure <fedora-infrastructure-list@xxxxxxxxxx> > Subject: More auth options > > So doing a liitle looking around I cane across some options that look > interesting, the following options would mean you need to physically have > something to login. > > yubikey > http://www.yubico.com/products/yubikey/ > It would require a pam module and for us to setup a server for managing keys. > it looks to be fairly low cost. it would implement a 2 facter > authentication. > > etoken > http://www.aladdin.com/etoken/devices/pro-usb.aspx > > it moves the public key from your hard drive to something you physically need > to have > > > ubikey is max USD$25 where the etoken is probably at least USD$30. I would > think that with yubikey we could work out a deal with them to get a discount > in return for us being a case study/prominent user of there product. all of > the software for yubikey AFAICT is open source. some of it would require > packaging. Just FYI, Aladdin refused, REFUSED to sell me 4 keys when I attempted to purchase them through CDW because I did have or want to have an Aladdin PKI Console software license. Nevermind that I didn't actually need their Console software or that Red Hat has a PKI management product. In my opinion, avoid Aladdin even if you can manage to get keys through a tertiary party. -- Matthew Galgoci Network Operations Red Hat, Inc 919.754.3700 x44155 _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
