From owner-freebsd-security  Mon Jan 22 08:31:51 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id IAA24605
          for security-outgoing; Mon, 22 Jan 1996 08:31:51 -0800 (PST)
Received: from nevis.oss.uswest.net (nevis.oss.uswest.net [204.147.85.3])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id IAA24580
          Mon, 22 Jan 1996 08:31:36 -0800 (PST)
Received: (from greg@localhost) by nevis.oss.uswest.net (8.6.12/8.6.12) id KAA29506; Mon, 22 Jan 1996 10:31:01 -0600
From: "Greg Rowe" <greg@uswest.net>
Message-Id: <9601221031.ZM29504@nevis.oss.uswest.net>
Date: Mon, 22 Jan 1996 10:31:00 -0600
X-Mailer: Z-Mail (3.2.1 10oct95)
To: freebsd-security@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG
Subject: Netscape & S/Key
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Sender: owner-security@FreeBSD.ORG
Precedence: bulk

 I currently have a FreeBSD system that allows users to update/create their WEB
pages via S/Key access to a virtual FTP server. I'm now looking at creating
another similar system that allows a Netscape user to retrieve files based on a
one time password. I currently use the Apache server.

 Since users would only access the server once to download updates, and I need
to control the access, none of the HTTPD password utilities really apply. It's
much nicer to just print out a list of one time passwords once and a while and
not have to worry about managing databases.

 The virtual FTP seems to be out due to Netscape setting "annonymous" as the
default login user. Has anyone tried to interface the Apache server to
FreeBSD's S/Key login so that rather than use the htpassword routines it uses
S/Key?

Thanks,
Greg Rowe




-- 
Greg Rowe                           | 
U S West - Interact Services        | INTERNET greg@uswest.net
111 Washington Ave. South           | Fax:      (612) 672-8537
Minneapolis, MN USA 55401           | Voice:    (612) 672-8535

    Never trust an operating system you don't have source for....