From owner-freebsd-questions Wed Apr 23 08:43:58 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id IAA06001 for questions-outgoing; Wed, 23 Apr 1997 08:43:58 -0700 (PDT) Received: from mailhost.PII.COM (pii.com [192.77.209.1]) by hub.freebsd.org (8.8.5/8.8.5) with SMTP id IAA05995 for ; Wed, 23 Apr 1997 08:43:56 -0700 (PDT) Received: from PII.COM by PII.COM (4.1/SMI-4.4) id AA21896; Wed, 23 Apr 97 08:46:14 PDT Received: from PII-Message_Server by pii.com with Novell_GroupWise; Wed, 23 Apr 1997 08:44:34 -0700 Message-Id: X-Mailer: Novell GroupWise 4.1 Date: Wed, 23 Apr 1997 08:42:04 -0700 From: Robert Clark To: questions@freebsd.org, pol@leissner.se Subject: Secure logging in to FreeBSD -Reply Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Peter, Some firewalls feature a time-based challenge, that might be useful in a situation like this. The user in the field carries a little computer the size of a credit card. When you attempt to go through the firewall, it sends you a challenge code. You punch the challenge code into your card, and it returns a second code. You send that second code back to the firewall and it allows you in. The nice thing about this system, is that the user doesn't know the hash key, so cannot give it out. Also, if challenge card is PIN protected, and turns itself off after a few minutes of non-use. If it is lost, it is unusable without the PIN. [RC] (The firewall I saw this on was a morningstar. (A 386DX40 running customized NetBSD?.) >>> Peter Olsson 04/23/97 07:26am >>> I'm looking for a product which will give me secure access to a FreeBSD-server. Some kind of one-time-passwords or something to allow remote users in without having to open telnet wide for anyone. Anyone have any pointers? Preferably to solutions that wont cost me a fortune. And, if possible, pointers to companies in Sweden that sell those products. Thanks for your time! Peter Olsson pol@leissner.se