Re: One Time Password support in debian
On Fri, Mar 24, 2000 at 11:40:06PM +0100, frol@h55p201.delphi.afb.lu.se wrote:
> Hello,
>
> An other solution to your problem could be to use a java-applet ssh client.
> Then you could use ssh to login from any java enabled browser in the world,
> and you dont have to worry about one time passwords at all.
>
> Look at:
> http://www.cl.cam.ac.uk/~fapp2/software/java-ssh/
> http://www.mud.de/se/jta/
>
Good idea. I was going to suggest carrying around a disk with Mac and
Windoze ssh clients, or putting them on your machine so you can get them
with http. A good windoze client is putty, since it is only a single .exe:
http://www.chiark.greenend.org.uk/~sgtatham/putty/
(actually, I'm a big fan of putty now. It feels a lot like xterm, and is
very fast at drawing text in its window (relative to other telnet/ssh
programs, including teraterm). I use putty unless I'm at a computer lab
where teraterm ssh is installed but putty isn't (which is the case in some
of the CS labs at school.))
A Mac client which can scp and ssh is NiftyTelnet SSH:
http://www.lysator.liu.se/~jonasw/freeware/niftyssh/
If you put the java applet on your home box, you might want to consider
serving it over secure http, so it doesn't get hacked in transit. OTOH,
keystroke loggers will be a far greater concern in kiosks and such, as
somebody else mentioned. (I don't know what to do about that, since
installing a new OS or something like that on every box you want to use
might make you a bit unpopular!) Using one-time passwords in combination
with ssh would make a crackers job a lot harder, though.
--
#define X(x,y) x##y
DUPS Secretary ; http://is2.dal.ca/~dups/
Peter Cordes ; e-mail: X(peter@cordes.phys. , dal.ca)
"The gods confound the man who first found out how to distinguish the hours!
Confound him, too, who in this place set up a sundial, to cut and hack
my day so wretchedly into small pieces!" -- Plautus, 200 BCE
Reply to: