Re: Does a known security issue allow ssh login via system accounts?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



> >That's a nice thing about pam_yubico with real Yubikeys:
> >they can be validated against the Yubico cloud API,
> >without any local secrets.
>
> Just to make sure I understand you correctly - a cloud
> service determines whether some access to your server
> is to be granted?

A cloud service *authenticates* the user. It's the job of *other* PAM modules and configuration to decide what to *authorize* this authenticated identity for, including login.

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux