Date: Mon, 7 May 2001 13:55:15 -0500 From: jamie rishaw <jrishaw@playboy.com> To: "Eric D. Futch" <efutch@nyct.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: RSA SecurID Client on FreeBSD: Summary Message-ID: <20010507135515.H22195@playboy.com> In-Reply-To: <20010507145010.P60366-100000@bsd1.nyct.net>; from efutch@nyct.net on Mon, May 07, 2001 at 02:51:38PM -0400 References: <20010504133228.D21698@playboy.com> <20010507145010.P60366-100000@bsd1.nyct.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ah, christ. :-p On Mon, May 07, 2001 at 02:51:38PM -0400, Eric D. Futch wrote: > I had word from someone at RSA that they have just completed a SecurID > client for FreeBSD based on 4.2. They were just waiting for the changes > to be made to the web site. > > -- > Eric Futch New York Connect.Net, Ltd. > efutch@nyct.net Technical Support Staff > http://www.nyct.net (212) 293-2620 > "Bringing New York The Internet Service It Deserves" > KNYC: 07-May-01 13:51 EDT: 61.0 F (16.1 C), clear, humidity 49% > > > On Fri, 4 May 2001, jamie rishaw wrote: > > >I figured it out. > > > > I posted to the list after probably a week plus of hacking around, > >and while this isn't the most elegant solution, it works. > > > > I don't want to provide support, but for sake of list archives and > >other peoples sanity, here are the basic steps I took: > > > > - Grab Linux SecurID client off of RSA site at > > http://www.rsasecurity.com/download/linux/ > > - Un-tar/decompress > > - (Kludge) FreeBSD apparently doesnt have the linux "/bin/line" > > equiv, which is what the `sdsetup` program uses. So, change > > lines in sdsetup to substitute `$LINE_EXEC` (with quotes) to > > anticipated response, like 'y' for 'yes' and 'n' for 'no', and > > directory or pathnames as needed. > > (I'll include a diff at the end of this email) > > - Grab the sdconf.rec from /top/ace/.. on your SecurID server and > > put it in your $CWD > > - Run ./sdsetup -client > > - Add a test user with shell /top/ace/prog/sdshell > > - Add this box to your ACE/Server as a client and add user auth > > as you would any other new client > > - Verify, run, go. > > > > You need to be running Linux compatibility. > > > > I make no guarantees or warranties whatsoever; I am relaying how > >*I* got it to work on systems here. If you do it and lock yourself > >out of your own boxes, don't come running to me. This only protects > >interactive login, I still have yet to tackle FTP, SCP, etc. > > > > Good luck > > > >jamie > > > > > >-- begin diff -- > >103,109d102 > >< if [ ! -f "$LINE_EXEC" ] > >< then > >< echo "#!/bin/sh" > /bin/line > >< echo "read i" >> /bin/line > >< echo "echo \$i" >> /bin/line > >< chmod 555 /bin/line > >< fi > >207c200 > >< YESORNO=`$LINE_EXEC` > >--- > >> YESORNO='y' > >1114c1107 > >< create=`$LINE_EXEC` > >--- > >> create='y' > >1188c1181 > >< input=`$LINE_EXEC` > >--- > >> input='' > >1281c1274 > >< test_owner=`$LINE_EXEC` > >--- > >> test_owner=rsa > >1316c1309 > >< current_platform=`$LINE_EXEC` > >--- > >> current_platform=freebsd > >1468c1461 > >< test_type=`$LINE_EXEC` > >--- > >> test_type=des > >1508c1501 > >< test_path=`$LINE_EXEC` > >--- > >> test_path=/usr/local/rsa > >1631c1624 > >< create=`$LINE_EXEC` > >--- > >> create='' > > > >-- end diff -- > > > > > >On Fri, May 04, 2001 at 11:56:03AM -0500, jamie rishaw wrote: > >> Hi, > >> > >> I'm looking to chat either on- or off-list with people that have > >> successfully integrated RSA's SecurID into FreeBSD. Specifically, > >> the client side. > >> > >> There are no official clients, and when I try to compile commercial > >> SSH with SecurID support, I get "File format not recognized" when the > >> ssh daemon tries to link sdiclient.a symbols (sdiclient.a being the > >> file that the ACE server generates/holds for clients to link in and > >> talk/authenticate with). SSH.com has still yet to reply to my open > >> ticket with them... > >> > >> I have searched high and low for real answers, yet I cannot find > >> anyone that's been able to say, "Yes, I've done it, here's how". > >> > >> URLs, Pointers, etc., are all appreciated. > >> > >> thanks in advance, > >> > >> jamie > >> -- > >> jamie rishaw <jrishaw@playboy.com> > >> sr. wan/unix engineer/ninja // playboy enterprises inc. > >> opinions stated are mine, and are not necessarily those of the bunny. > >> > > > >-- > >jamie rishaw <jrishaw@playboy.com> > >sr. wan/unix engineer/ninja // playboy enterprises inc. > >opinions stated are mine, and are not necessarily those of the bunny. > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- jamie rishaw <jrishaw@playboy.com> sr. wan/unix engineer/ninja // playboy enterprises inc. opinions stated are mine, and are not necessarily those of the bunny. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010507135515.H22195>