Librenix
Headlines | Linux | Apps | Coding | BSD | Admin | News
Information for Linux System Administration 

Secure SSH with WiKID two factor authentication

Up
vote
Down

SSH offers a highly secure channel for remote administration of servers. However, if you face an audit for regulatory or business requirements, such as Visa/Mastercard PCI, you need to be aware of some potential authentication related short-comings that may cause headaches in an audit. For example:

  • There is no way to control which users have public key authorization
  • There is no way to enforce passphrase complexity (or even be sure that one is being used)
  • There is no way to expire a public key
In this document we are going to demonstrate how to combine two-factor authentication from WiKID with an SSH gateway server with hosted private keys to create a highly secure, auditable and easy to use remote access solution.

read more...
mail this link | permapage | score:7512 | -nowen, April 30, 2007

Secure VNC remote access with two-factor authentication

Up
vote
Down

VNC is the most popular remote access solution today. However, it was developed to provide remote access, not to provide secure remote access. Administrators have to add security to VNC by tunneling it through an encrpyted channel such as SSH and adding a layer of authentication. In this article, we will show you how to combine the NoMachine NX server to encrypt VNC and remote X session combined with two-factor authentication from WiKID Systems to create a secure, fast remote access solution. read more...
mail this link | permapage | score:6459 | -nowen, May 23, 2007

Configure OpenVPN with WiKID Strong Authentication

Up
vote
Down

These instructions describe setting up two-factor authentication with WiKID Strong Authentication, which is a commercial/open source two-factor authentication system and OpenVPN, an SSL-encrypted VPN, on a Linux server using the Radius Pluggable Authentication Module.. First, we will configure PAM to use Radius, then we will configure OpenVPN to use PAM and one-time passwords, then we will create a network client on the WiKID server for OpenVPN. We won't go into specifics about installing these services, rather we will focus on configuring them to all work together. read more...
mail this link | permapage | score:5405 | -nowen, May 4, 2007
Abstract Art Prints by Ray Yeargin

Selected articles

Space Tyrant: A threaded game server project in C

Hacker Haiku

Programming Language Tradeoffs: 3GL vs 4GL

Scripting: A parallel Linux backup script

The Supreme Court is wrong on Copyright Case

Apple DIY Repair

The Real Microsoft Monopoly

How to install Ubuntu Linux on the decTOP SFF computer

Mono-culture and the .NETwork effect

Space Tyrant: Multithreading lessons learned on SMP hardware

Download: Linux 3D Client for Starship Traders

 

Firefox sidebar

Site map

Site info

News feed

Features

Login
(to post)

Search

 
Articles are owned by their authors.   © 2000-2012 Ray Yeargin