Re: Looking for cheap and secure Authentification - Build own OTP?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Apr 2, 2009 at 12:12 PM, ml@xxxxxxxxx <ml@xxxxxxxxx> wrote:

> Now we would like to add an Authentification, so that only Users who pass
> the Reverse Proxy auth, will get to the Web-App login. This can be done by
> some htacces and static passwords. The disatvantage is, that this are static
> passwords and they could be stored by keyloggers.  So we need some kind of
> one time passwords (OTP).
>
> Is there a way to add some random "salt" to the http authentification?

If you have mod_perl you can use one of many mod_perl authentication
modules. One example is:

http://search.cpan.org/~tobeya/Apache2-AuthenSecurID-0.5/Auth/Auth.pm

Which can use a SecurID server...

Krist

-- 
krist.vanbesien@xxxxxxxxx
krist@xxxxxxxxxxxxx
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux