[ale] Recommendations for Two factor authenticaton on Linux (RHEL)?

Michael H. Warfield mhw at WittsEnd.com
Mon Apr 13 17:12:37 EDT 2015


On Mon, 2015-04-13 at 16:55 +0000, Lightner, Jeff wrote:
> Anyone doing this for PCI requirements?   

> 
> What are you using for two factor authentication?
> 
If you really need it...  There are several implementations of TOTP
(Time-based One Time Password - IETF RFC 6238) and HOTP (Hash-based One
Time Password - IETF RFC 4226).  Implementations and support include
Google, Dropbox, Google Authenticator (auth calculator and authenticator
in PAM), and Ubikey amongst others.  [TH]OTPs are standards and
shouldn't lock you into a particular proprietary vendor whom you must
then "trust".  Oh, and the Ubikey tokens don't expire (unlike some
vendors) and there are Android and iOS apps.  I've got both Gauth and
FreeOTP on my devices in addition to having a Ubikey.
> 
> Why did you choose it over any other options considered?

Open standards, multiple compatible installations, site support, no
expiration of tokens.

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 465 bytes
Desc: This is a digitally signed message part
URL: <http://mail.ale.org/pipermail/ale/attachments/20150413/80098558/attachment.sig>


More information about the Ale mailing list