Re: Looking for cheap and secure Authentification - Build own OTP?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Apr 2, 2009 at 2:30 PM, Krist van Besien
<krist.vanbesien@xxxxxxxxx> wrote:
> On Thu, Apr 2, 2009 at 12:12 PM, ml@xxxxxxxxx <ml@xxxxxxxxx> wrote:
>
>> Now we would like to add an Authentification, so that only Users who pass
>> the Reverse Proxy auth, will get to the Web-App login. This can be done by
>> some htacces and static passwords. The disatvantage is, that this are static
>> passwords and they could be stored by keyloggers.  So we need some kind of
>> one time passwords (OTP).
>>
>> Is there a way to add some random "salt" to the http authentification?
>
> If you have mod_perl you can use one of many mod_perl authentication
> modules. One example is:
>
> http://search.cpan.org/~tobeya/Apache2-AuthenSecurID-0.5/Auth/Auth.pm
>
> Which can use a SecurID server...

Ofcourse that wouldn't be cheap. Another alternative is to mod_auth_external
http://unixpapa.com/mod_auth_external.html

With this module you can basically use anything for authentication.
You could for example use S/Key one time passwords with this.

Krist

-- 
krist.vanbesien@xxxxxxxxx
krist@xxxxxxxxxxxxx
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux