Date: Mon, 7 May 2001 14:51:38 -0400 (EDT) From: "Eric D. Futch" <efutch@nyct.net> To: <freebsd-security@FreeBSD.ORG> Subject: Re: RSA SecurID Client on FreeBSD: Summary Message-ID: <20010507145010.P60366-100000@bsd1.nyct.net> In-Reply-To: <20010504133228.D21698@playboy.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I had word from someone at RSA that they have just completed a SecurID client for FreeBSD based on 4.2. They were just waiting for the changes to be made to the web site. -- Eric Futch New York Connect.Net, Ltd. efutch@nyct.net Technical Support Staff http://www.nyct.net (212) 293-2620 "Bringing New York The Internet Service It Deserves" KNYC: 07-May-01 13:51 EDT: 61.0 F (16.1 C), clear, humidity 49% On Fri, 4 May 2001, jamie rishaw wrote: >I figured it out. > > I posted to the list after probably a week plus of hacking around, >and while this isn't the most elegant solution, it works. > > I don't want to provide support, but for sake of list archives and >other peoples sanity, here are the basic steps I took: > > - Grab Linux SecurID client off of RSA site at > http://www.rsasecurity.com/download/linux/ > - Un-tar/decompress > - (Kludge) FreeBSD apparently doesnt have the linux "/bin/line" > equiv, which is what the `sdsetup` program uses. So, change > lines in sdsetup to substitute `$LINE_EXEC` (with quotes) to > anticipated response, like 'y' for 'yes' and 'n' for 'no', and > directory or pathnames as needed. > (I'll include a diff at the end of this email) > - Grab the sdconf.rec from /top/ace/.. on your SecurID server and > put it in your $CWD > - Run ./sdsetup -client > - Add a test user with shell /top/ace/prog/sdshell > - Add this box to your ACE/Server as a client and add user auth > as you would any other new client > - Verify, run, go. > > You need to be running Linux compatibility. > > I make no guarantees or warranties whatsoever; I am relaying how >*I* got it to work on systems here. If you do it and lock yourself >out of your own boxes, don't come running to me. This only protects >interactive login, I still have yet to tackle FTP, SCP, etc. > > Good luck > >jamie > > >-- begin diff -- >103,109d102 >< if [ ! -f "$LINE_EXEC" ] >< then >< echo "#!/bin/sh" > /bin/line >< echo "read i" >> /bin/line >< echo "echo \$i" >> /bin/line >< chmod 555 /bin/line >< fi >207c200 >< YESORNO=`$LINE_EXEC` >--- >> YESORNO='y' >1114c1107 >< create=`$LINE_EXEC` >--- >> create='y' >1188c1181 >< input=`$LINE_EXEC` >--- >> input='' >1281c1274 >< test_owner=`$LINE_EXEC` >--- >> test_owner=rsa >1316c1309 >< current_platform=`$LINE_EXEC` >--- >> current_platform=freebsd >1468c1461 >< test_type=`$LINE_EXEC` >--- >> test_type=des >1508c1501 >< test_path=`$LINE_EXEC` >--- >> test_path=/usr/local/rsa >1631c1624 >< create=`$LINE_EXEC` >--- >> create='' > >-- end diff -- > > >On Fri, May 04, 2001 at 11:56:03AM -0500, jamie rishaw wrote: >> Hi, >> >> I'm looking to chat either on- or off-list with people that have >> successfully integrated RSA's SecurID into FreeBSD. Specifically, >> the client side. >> >> There are no official clients, and when I try to compile commercial >> SSH with SecurID support, I get "File format not recognized" when the >> ssh daemon tries to link sdiclient.a symbols (sdiclient.a being the >> file that the ACE server generates/holds for clients to link in and >> talk/authenticate with). SSH.com has still yet to reply to my open >> ticket with them... >> >> I have searched high and low for real answers, yet I cannot find >> anyone that's been able to say, "Yes, I've done it, here's how". >> >> URLs, Pointers, etc., are all appreciated. >> >> thanks in advance, >> >> jamie >> -- >> jamie rishaw <jrishaw@playboy.com> >> sr. wan/unix engineer/ninja // playboy enterprises inc. >> opinions stated are mine, and are not necessarily those of the bunny. >> > >-- >jamie rishaw <jrishaw@playboy.com> >sr. wan/unix engineer/ninja // playboy enterprises inc. >opinions stated are mine, and are not necessarily those of the bunny. > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010507145010.P60366-100000>