[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using SecurID for authentication

To: "'Josh'" <josh+openldap@eldertimes.us>
Subject: Re: Using SecurID for authentication
From: "Richard L. Goerwitz III" <richard@Goerwitz.com>
Date: Sat, 05 Mar 2005 15:07:49 -0600
Cc: openldap-software@OpenLDAP.org
In-reply-to: <005b01c5215d$ffc3e2f0$1e0aa8c0@BUGGY>
Organization: Goerwitz.COM
References: <005b01c5215d$ffc3e2f0$1e0aa8c0@BUGGY>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922

Alan Miller wrote:

If you want the OS to retrieve user info from a directory but
authenticate passwords from a SecureID server, couldn't you just
use the PAM modules already provided by RSA?


I'd just second that.  OpenLDAP can use SASL, and you can configure
SASL locally (e.g., saslauthd) to pass credentials through to PAM.
At that point you can just configure PAM to use RSA.

It'll be very clean.

Too bad RedHat (where the SASL and PAM configs will be trivial, if
that's what you're doing) seems to like to ship outdated versions
of OpenSSL.

--

Richard Goerwitz                               richard@Goerwitz.COM
tel: 507 645 7015

References:
- RE: Using SecurID for authentication
  - From: "Alan Miller" <somebody@squareplanet.de>

Prev by Date: Re: apping ACLs to groupmembers
Next by Date: slapd running process
Index(es):
- Chronological
- Thread