[6797] in Kerberos
Re: Combining Kerberos/DCE with SecureId/SKey authentication
daemon@ATHENA.MIT.EDU (William LeFebvre)
Fri Mar 1 13:43:38 1996
To: kerberos@MIT.EDU
Date: 1 Mar 1996 16:45:28 GMT
From: lefebvre@dis.anl.gov (William LeFebvre)
In article <x63f7t7o4x.fsf@strobe.weeg.uiowa.edu>,
Ed Hill <edhill@strobe.weeg.uiowa.edu> wrote:
>How do others solve this problem - do you solve it? In the Kerberos FAQ it
>mentions that it would be possible to incorporate a challenge-response type of
>password authentication, but is anyone really working on it. Are there people
>out there who try to solve this problem? If so how?
The Cygnus version of Kerberos 4 includes support for authenticating a
user via an SNK card. So it certainly *can* be done. But who has
actually done it for either SecureID or S/Key? I don't know.
For SNK under CNS krb4, another instance of the same principal is
added to the database, and its called "user.+SNK4". The kadmin tool
is extended to include a command to do this.
William LeFebvre
Decision and Information Sciences
Argonne National Laboratory
lefebvre@dis.anl.gov
