Re: 2factor auth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



We definitely would need to put the secrets on a higher security box,
and even beyond that, we could look into encrypting the secrets as
well, while contributing the patch back to upstream of course.

Darren VanBuren
==================
http://theoks.net/



On Mon, Oct 17, 2011 at 19:02, Toshio Kuratomi <a.badger@xxxxxxxxx> wrote:
> On Mon, Oct 17, 2011 at 08:26:37PM -0500, Jeffrey Ollie wrote:
>> On Mon, Oct 17, 2011 at 5:54 PM, Kevin Fenzi <kevin@xxxxxxxxx> wrote:
>> >
>> > On the other hand google-authenticator doesn't have any server ability
>> > yet. ;(
>>
>> I didn't think that google-authenticator needed a server to do the
>> authentication - you just need the app on your phone and some
>> configuration on the system that you want to access.
>>
> Correct.  But this is actually a bit of a drawback here.  We have a large
> number of people coming into infrastructure who have various amounts of
> access on the boxes.  We're constantly trying to balance security with the
> need to keep entry barriers low enough for new contributors to get started.
> With that in mind, there are many users who have an unprivileged shell on
> boxes that, although we feel we know them well enough to give them that,
> we've never met in person or have anything other than email/IRC
> conversations to track who they really are.
>
> google-authenticator stores a shared secret in clear on every box that you
> want to be able to auth on.  These secrets are protected by normal Unix
> filesystem permissions but nothing else.  When evaluating this risk with how
> much we don't know about our contributors, things begin to feel a little out
> of balance wrt security.
>
> So what Kevin's getting at is that if we ran google authenticator, we'd need
> to write a server for it so that we could keep those shared secrets on just
> a few boxes with higher security, similarly to how yubikey and fas depend on
> the database server and the three account system-dedicated app servers being
> more secure.
>
> -Toshio
>
> _______________________________________________
> infrastructure mailing list
> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
>
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure



[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux