Re: USB key requirement.
On Mon, 10 Jan 2011 11:46:04 +0200
Andrei Popescu <andreimpopescu@gmail.com> wrote:
> On Du, 09 ian 11, 21:42:03, Dan Serban wrote:
> > So, I'm currently switching my 9 workstations around the house to
> > diskless boot. They mount nfs shares that reside on top of an
> > encrypted raid server. This is all fine and good.
> >
> > What I'd like to do:
> >
> > On a specific workstation, on boot, i'd like to require that a
> > specific usb memory stick be inserted in the system. ie. one that
> > contains a key which will allow the boot process to continue.
> >
> > Can this be done? If so, what should I use to make it less than
> > easy to decipher?
> >
> > Maybe a GPG encoded text file that matches against a plain text one?
> > (that's insecure)...
>
> Maybe libpam-ssh can be used for this?
>
Thanks for your suggestion, it made me search through the pam packages
and pam-usb looks like it might do the job. Although, it doesn't seem
to do exactly as I had hoped (allow the system to boot if the USB stick
is inserted) it's a good start.
> Regards,
> Andrei
Reply to: