Matt Mossholder on 14 Aug 2012 11:58:38 -0700


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Two Factor Authentication


On Tue, Aug 14, 2012 at 2:49 PM, Art Clemons <artclemons@aol.com> wrote:
I noticed the following on howtogeek. ÂI wonder how reliable Google's setup is for what amounts to a really occasional connection. ÂAnyone know of a better technique or of possible security holes. ÂI for example wonder about the rate limiting authentication reliability or the emergency authentication to allow authentication with no cell phone.

<http://www.howtogeek.com/121650/how-to-secure-ssh-with-google-authenticators-two-factor-authentication/>
http://preview.tinyurl.com/92ho62d
http://tinyurl.com/92ho62d

I had been looking at something like that myself... here is the link I found:
Secure two-step Google Auth login in CentOS | Axivo Community

Of particular note is the part about moving the seed file out of the user's directory, and removing the user's access to it.

  Â--Matt

___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug