Re: Debian two-factor auth, GSoC?

To: debian-devel@lists.debian.org
Subject: Re: Debian two-factor auth, GSoC?
From: Thomas Goirand <zigo@debian.org>
Date: Fri, 12 Apr 2013 17:13:32 +0800
Message-id: <[🔎] 5167D03C.4020506@debian.org>
In-reply-to: <[🔎] 5167A297.4090907@pocock.com.au>
References: <[🔎] 5166FCA0.70504@pocock.com.au> <[🔎] 20130411190440.GA32523@emyr.net> <[🔎] m2a9p43m5t.fsf@rahvafeir.err.no> <[🔎] 5167A1F7.9070401@debian.org> <[🔎] 5167A297.4090907@pocock.com.au>

On 04/12/2013 01:58 PM, Daniel Pocock wrote:
> There was never any suggestion to make something mandatory, I actually
> agree with those concerns
>
> Given the nature of Debian, it would be a personalised solution
>
> So, if a DD regularly accesses Debian infrastructure from a PC that he
> does not control (e.g. a work PC) he can choose to use TOTP instead of a
> password.  A DD who always uses a personal laptop may prefer to use an
> ssh key.  It is all about choice.
>
> With the right tools, DDs would have these choices each time they log
> in, or any one person can choose to make *OTP mandatory for their own login.
>
> So any potential GSoC project may involve making tools that allow DDs to
> set this up, the way they want, quickly - but only if they want it.
This seems to be a very sensible approach indeed.

Thomas

P.S: Please don't CC me, I'm registered to the list.

Reply to:

References:
- Debian two-factor auth, GSoC?
  - From: Daniel Pocock <daniel@pocock.com.au>
- Re: Debian two-factor auth, GSoC?
  - From: Luca Filipozzi <lfilipoz@debian.org>
- Re: Debian two-factor auth, GSoC?
  - From: Tollef Fog Heen <tfheen@err.no>
- Re: Debian two-factor auth, GSoC?
  - From: Thomas Goirand <zigo@debian.org>
- Re: Debian two-factor auth, GSoC?
  - From: Daniel Pocock <daniel@pocock.com.au>

Prev by Date: Re: Debian two-factor auth, GSoC?
Next by Date: Re: Debian two-factor auth, GSoC?
Previous by thread: Re: Debian two-factor auth, GSoC?
Next by thread: Re: Debian two-factor auth, GSoC?
Index(es):
- Date
- Thread