[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Disabling Root Access



> I would be happy with smart card login, but I don't think that is
> available yet for OpenBSD??? However, I may be able to find a
> variation of this idea to access root through a token.

Yes, it is available.  Unfortunately the OpenSSH team hasn't included
this patch in the distribution.  You are absolutely correct.  Using
passwords as an access method is horrendously bad, even with
encryption, for the more high-security stuff, like being a cert
server.  I'm told that they are going to have CryptoCard stuff in the
2.9 os release, though.  I have attached the patch to this email.  I
apologize to the list if that's a no-no.

[demime removed a uuencoded section named openssh-cryptocard.patch.gz which was 219 lines]