Re: Debian two-factor auth, GSoC?
]] Luca Filipozzi
> I can help with a GSoC but I think DSA would prefer to lean in the direction of
> the above.
I'm also happy to help with it. I have a bit of experience with the
yubikey tokens, and at least one of the upstreams is on the path to
DDship, so I think we're reasonably well covered there.
> Finally, if we are going to require DDs to have a physical object, I'm more in
> favour of an OpenPGP token than an OTP token. The OpenPGP token could then
> power gpg (yes, Luca, we get that :) ) and act as an ssh-agent. Couple that
> with OTP, and we have quite strong overall solution, I think.
The Yubikey neo can run the java applet thingies, it seems, so it can
act as a GPG token too.
--
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are
Reply to: