Re: Does a known security issue allow ssh login via system accounts?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 

On 07/03/2022 17:40, Philipp Marek wrote:

That's a nice thing about pam_yubico with real Yubikeys: they can be validated against the Yubico cloud API, without any local secrets.

Just to make sure I understand you correctly - a cloud service determines whether some access to your server is to be granted?
Yes: a cloud service run by security experts, almost certainly more secure and better managed than I could build myself. And in any case, it's a second factor on top of private/public keys that I do manage locally.
(They used to provide code for you to host your own validation server - but I've just checked and found that's end-of-life) 
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux