On Mon, Mar 30, 2009 at 2:12 PM, Matthew Galgoci <mgalgoci@xxxxxxxxxx> wrote: >> Date: Mon, 30 Mar 2009 12:57:23 -0500 >> From: Dennis Gilmore <dennis@xxxxxxxx> >> Reply-To: Fedora Infrastructure <fedora-infrastructure-list@xxxxxxxxxx> >> To: Fedora Infrastructure <fedora-infrastructure-list@xxxxxxxxxx> >> Subject: More auth options >> >> So doing a liitle looking around I cane across some options that look >> interesting, the following options would mean you need to physically have >> something to login. >> >> yubikey >> http://www.yubico.com/products/yubikey/ >> It would require a pam module and for us to setup a server for managing keys. >> it looks to be fairly low cost. it would implement a 2 facter >> authentication. >> >> etoken >> http://www.aladdin.com/etoken/devices/pro-usb.aspx >> >> it moves the public key from your hard drive to something you physically need >> to have >> >> >> ubikey is max USD$25 where the etoken is probably at least USD$30. I would >> think that with yubikey we could work out a deal with them to get a discount >> in return for us being a case study/prominent user of there product. all of >> the software for yubikey AFAICT is open source. some of it would require >> packaging. > > Just FYI, Aladdin refused, REFUSED to sell me 4 keys when I attempted > to purchase them through CDW because I did have or want to have an > Aladdin PKI Console software license. Nevermind that I didn't actually > need their Console software or that Red Hat has a PKI management > product. > > In my opinion, avoid Aladdin even if you can manage to get keys through > a tertiary party. +1 - Aladdin makes a lot of DRM (for software, not media (that I know of)) stuff too; all the more reason to avoid them. If Ubikey is supplying an open source stack to go with their hardware that sounds a more logical fit for the Fedora Project, and a more symbiotic relationship. _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
