From owner-freebsd-security Wed Aug 22 9:42:24 2001 Delivered-To: freebsd-security@freebsd.org Received: from apu.eircom.net (mail1.tinet.ie [159.134.237.21]) by hub.freebsd.org (Postfix) with ESMTP id F41DF37B40E for ; Wed, 22 Aug 2001 09:42:15 -0700 (PDT) (envelope-from ryand@alpha.eng.eircom.net) Received: from alpha.eng.eircom.net ([159.134.242.178]) by apu.eircom.net with esmtp (Exim 2.05 #1) id 15Zb54-0000jR-00 for freebsd-security@FreeBSD.ORG; Wed, 22 Aug 2001 17:42:14 +0100 Received: (from ryand@localhost) by alpha.eng.eircom.net (8.11.3/8.10.1) id f7MGfwe20041 for freebsd-security@FreeBSD.ORG; Wed, 22 Aug 2001 17:41:58 +0100 (IST) Date: Wed, 22 Aug 2001 17:41:57 +0100 From: Dave Ryan To: freebsd-security@FreeBSD.ORG Subject: kerberosV - SecurID Message-ID: <20010822174157.A28071@alpha.eng.eircom.net> Mail-Followup-To: Dave Ryan , freebsd-security@FreeBSD.ORG References: <3B83A8BC.BCF790A0@karolinelund.dk> <20010822140020.A1911@alpha.eng.eircom.net> <200108221628.f7MGSud60744@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200108221628.f7MGSud60744@khavrinen.lcs.mit.edu>; from wollman@khavrinen.lcs.mit.edu on Wed, Aug 22, 2001 at 12:28:56PM -0400 Organization: Eircom CIRT Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Does anyone know if RSA Securid OTP's are used anywhere to enhance the ticket granting phase of a kerberos authentication sequence? e.g. A user is challeneged for their username, password and/or PASSCODE, which is then passed onto the KDC, which then talks to an RSA ACE Agent which validates the autenticity of the user based on the credentials supplied. The user is then given a token etc. ... Anyone got any ideas about that? Its been suggested to me to look into the ietf workings around hardware pre authentication. I have seen references for securid support in IV, and I think in a dated version developed by cygnus a while back - I could be wrong. Regards, Dave. - -- Dave Ryan Computer Incident Response Team dave.ryan@eircom.net Eircom Multimedia -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (OpenBSD) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjuD4NIACgkQHSjBCI+q2yIlUQCaAtM+uO7qLjKvOGmUHB8Bhqfg yS0AniMUs3/hBARI8Fq1UsabcX087/8W =P0yh -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message