[Beowulf] One time password generators...

Robert G. Brown rgb at phy.duke.edu
Tue Mar 24 15:25:57 PDT 2009


Doing certain classes of work one has to satisfy e.g. banking due
diligence, which tends to be stronger than ordinary cluster due
diligence.  One aspect of that security (generally required, quite
independent of whether or not it really increases security) is "strong
authentication", currently held to be multifactor authentication, e.g.
SSH keys AND a one-time password, a password AND biometrics, etc.

I've got a possible gig set up that may need this and have been
investigating the OTP devices for cost and linux capability.  The cost
seems generally to be "high", and while there are a few that are
up-front linux capable, it seems to be really difficult to find a
company that will just sell you a key generator at (say) $10 a pop and
give you a matching piece of software to run on your linux server.

There are a couple of possible exceptions to pursue in addition to the
e.g. RSA-like solutions with their enormous cost, but I thought I'd
throw it out to the group here too.  Is there a straightforward low-cost
way to generate OTP's without ten thousand dollar server software
packages?

    rgb

Robert G. Brown	                       http://www.phy.duke.edu/~rgb/
Duke University Dept. of Physics, Box 90305
Durham, N.C. 27708-0305
Phone: 1-919-660-2567  Fax: 919-660-2525     email:rgb at phy.duke.edu





More information about the Beowulf mailing list