Any One-Time password system.

Sergii Bieliaievskyi s.bieliaievskyi at sethq.com
Thu May 16 15:56:41 CEST 2013


I want to change my security strategy.
It would be better to user two step verification by google. There
is google-authenticator (http://code.google.com/p/google-authenticator/)
but it checks users in local database /etc/passwd and so on.
How should I synchronize my unix box with corporate google account database?
Does anybody have such an experience?


2013/5/16 Sergii Bieliaievskyi <s.bieliaievskyi at sethq.com>

>
> 2013/5/16 Alan DeKok <aland at deployingradius.com>
>
>> Sergii Bieliaievskyi wrote:
>> > This is so frustrating :(
>> > How it can be possible to do strong security using reliable passwords
>> > and to have no encryption in the same time.
>>
>>   I think you misunderstand the issues.
>>
>>   OTP passwords were created so that it doesn't *require* that the
>> password be hidden.
>>
>>   Systems like MSCHAP were created so that the passwords could be used
>> many times, because they're hashed.
>>
>>   The two systems are *designed* to be incompatible.
>>
>
> But only ms-chap supports data encryption. I want to use OTP and MPPE
> simulteniosly. But MPPE without ms-chap cann`t exist. Am I right?
>

-- 


------------------------------
PRIVILEGED AND CONFIDENTIAL COMMUNICATION
This e-mail transmission, and any documents, files or previous e-mail 
messages 
attached to it, may contain confidential information that is legally 
privileged.

If you are not the intended recipient or a person responsible for 
delivering it
to the intended recipient, you are hereby notified that any disclosure, 
copying,
distribution or use of any of the information contained in or attached to 
this
transmission is strictly prohibited.

If you have received this transmission in error, please: (1) immediately 
notify
me by reply e-mail, or by collect telephone call; and (2) destroy the 
original
transmission and its attachments without reading or saving in any manner.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130516/3057b251/attachment.html>


More information about the Freeradius-Users mailing list