[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [SAGE] Security tokens

To: Jim Hickstein <jxh@jxh.com>
Subject: Re: [SAGE] Security tokens
From: "Mark D. Roth" <roth@feep.net>
Date: Mon, 20 Jan 2003 16:57:24 -0600
Cc: Chuck Yerkes <chuck+sage@snew.com>, sage-members@sage.org
In-Reply-To: <16460000.1043097374@jxh.mirapoint.com>; from jxh@jxh.com on Mon, Jan 20, 2003 at 01:16:14PM -0800
Organization: Feep Networks
References: <200301201949.LAA07068@plxw0026.pdx.intel.com> <10830000.1043093780@jxh.mirapoint.com> <20030120205201.GA4787@snew.com> <16460000.1043097374@jxh.mirapoint.com>
Sender: owner-sage-members@usenix.org
User-Agent: Mutt/1.2.5i

On Mon Jan 20 13:16 2003 -0800, Jim Hickstein wrote:
> > The device, an SNK-4 now owned by Raptor, last I looked, still
> > works after 7 years, cost me $35 each for 3.  I know there are
> > software versions available and other calculators.
> 
> I used to use these, as well.  Does anyone have a link to _modern_ software 
> for a server?  Who does the client integration if there's no revenue for 
> it?  (Or are standards like GSSAPI(??)/RADIUS/LDAP/whatever now so advanced 
> that clients don't need special hooks any more?)  This is how SecureID used 
> to make their sales: box X only worked with their stuff.

We still use SNKs.  I have no idea if the devices are still available,
but we have so many spares that we've never needed to buy more.  I've
also heard that there's an SNK app for PalmOS, so you may not need to
buy the devices in the first place.

I would like to see a more modern server - with a less restrictive
license - to replace the orignal TIS fwtk authsrv.  However, this
isn't a high priority for us, since the TIS code works fine once you
manage to get it built and configured.

Incidentally, I had a conversation with Balazs Scheidler (the guy that
wrote syslog-ng) about this on the OpenSSH mailing list (and
continuing in private messages) back in December of 2000.  He claimed
to have a new implementation of authsrv, but without SNK support, that
he'd written on bid for a customer.  He said he might release it as
free software at some point, but I don't know if that ever actually
happened.

The client side hasn't been a problem, because everything we care
about supports PAM these days, and there are a few different PAM
modules out there for authsrv authentication.  We use one that I
wrote, which is available here:

  http://www-dev.cites.uiuc.edu/PAM/

Anyway, I dunno if any of this does anyone any good or not, but I
figured I'd share the info just in case...

-- 
Mark D. Roth <roth@feep.net>
http://www.feep.net/~roth/

Follow-Ups:
- Re: [SAGE] Security tokens
  - From: Jim Hickstein <jxh@jxh.com>

References:
- Re: [SAGE] Security tokens
  - From: Steve Willoughby <steve@ichips.intel.com>
- Re: [SAGE] Security tokens
  - From: Jim Hickstein <jxh@jxh.com>
- Re: [SAGE] Security tokens
  - From: Chuck Yerkes <chuck+sage@snew.com>
- Re: [SAGE] Security tokens
  - From: Jim Hickstein <jxh@jxh.com>

Prev by Date: Re: [SAGE] NetApp--spindles vs. performance
Next by Date: Re: [SAGE] Security tokens
Prev by thread: Re: [SAGE] Security tokens
Next by thread: Re: [SAGE] Security tokens
Index(es):
- Date
- Thread