[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian two-factor auth, GSoC?

]] Luca Filipozzi 

> I can help with a GSoC but I think DSA would prefer to lean in the direction of
> the above.

I'm also happy to help with it.  I have a bit of experience with the
yubikey tokens, and at least one of the upstreams is on the path to
DDship, so I think we're reasonably well covered there.

> Finally, if we are going to require DDs to have a physical object, I'm more in
> favour of an OpenPGP token than an OTP token.  The OpenPGP token could then
> power gpg (yes, Luca, we get that :) ) and act as an ssh-agent.  Couple that
> with OTP, and we have quite strong overall solution, I think.

The Yubikey neo can run the java applet thingies, it seems, so it can
act as a GPG token too.

Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are

Reply to: