From owner-freebsd-security Mon Jan 22 08:31:51 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id IAA24605 for security-outgoing; Mon, 22 Jan 1996 08:31:51 -0800 (PST) Received: from nevis.oss.uswest.net (nevis.oss.uswest.net [204.147.85.3]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id IAA24580 Mon, 22 Jan 1996 08:31:36 -0800 (PST) Received: (from greg@localhost) by nevis.oss.uswest.net (8.6.12/8.6.12) id KAA29506; Mon, 22 Jan 1996 10:31:01 -0600 From: "Greg Rowe" Message-Id: <9601221031.ZM29504@nevis.oss.uswest.net> Date: Mon, 22 Jan 1996 10:31:00 -0600 X-Mailer: Z-Mail (3.2.1 10oct95) To: freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Netscape & S/Key Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-security@FreeBSD.ORG Precedence: bulk I currently have a FreeBSD system that allows users to update/create their WEB pages via S/Key access to a virtual FTP server. I'm now looking at creating another similar system that allows a Netscape user to retrieve files based on a one time password. I currently use the Apache server. Since users would only access the server once to download updates, and I need to control the access, none of the HTTPD password utilities really apply. It's much nicer to just print out a list of one time passwords once and a while and not have to worry about managing databases. The virtual FTP seems to be out due to Netscape setting "annonymous" as the default login user. Has anyone tried to interface the Apache server to FreeBSD's S/Key login so that rather than use the htpassword routines it uses S/Key? Thanks, Greg Rowe -- Greg Rowe | U S West - Interact Services | INTERNET greg@uswest.net 111 Washington Ave. South | Fax: (612) 672-8537 Minneapolis, MN USA 55401 | Voice: (612) 672-8535 Never trust an operating system you don't have source for....