Date: Wed, 10 Dec 2003 12:48:24 -0700 From: Brett Glass <brett@lariat.org> To: Kyle Amon <amonk@gnutec.com> Cc: security@freebsd.org Subject: Re: s/key authentication for Apache on FreeBSD? Message-ID: <6.0.0.22.2.20031210124332.04e94ac0@localhost> In-Reply-To: <20031210093927.70c87960.amonk@gnutec.com> References: <6.0.0.22.2.20031210115335.04c2fc50@localhost> <20031210093927.70c87960.amonk@gnutec.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 07:39 AM 12/10/2003, Kyle Amon wrote: >It sounds like you're going all crazy here. It does? > Unfortunately, what you've >written to describe your requirement is not very precise. Assuming you >are not concerned about "keystroke loggers" You must have misunderstood my message: This is EXACTLY what the owner is concerned about. Encrypting the content is not as important as preventing unfettered future access via a password stolen by sniffing either the network or the keyboard. Thus, SSL -- while it might be nice -- is optional. What's needed is one-time passwords for "basic" authentication in Apache. --Brett Glass
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.2.20031210124332.04e94ac0>