Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: PAM & RSA (SuSE Linux+OpenSSH)

from [Darren Tucker] Network Security [Permanent Link]
Subject: Re: PAM & RSA (SuSE Linux+OpenSSH)
Date: Mon, 16 Jan 2006 19:50:27 +1100 
On Mon, Jan 16, 2006 at 09:37:14AM +0100, Juan C. Sanchez-DelBarrio wrote:

Novell SLES 9 is the OS installed in our servers. As a security officer,
I try to implement the Common Criteria EAL4+ procedure
(http://www.bsi.bund.de/zertifiz/zert/reporte/0256b.pdf and
http://www.bsi.bund.de/zertifiz/zert/reporte/0256a.pdf) in these
servers. It is necessary the use of audit program on the servers. They
recommend the combination of PAM_LAUS and AUDIT. The system managers use
the RSA authentication against the servers.


If you just want to audit access then you can use the PAM account or
session stacks to implement your auditing.

OpenSSH still calls those even for RSA authentication (assuming PAM is
enabled, of course), and if they return a failure then the access to
the system will be denied.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  security question, Tim Cross
Next by Date:  large scp/sftp from 4.1 to 3.4 fails, security.intrusion
Previous by Thread:  Re: PAM & RSA (SuSE Linux+OpenSSH), Juan C. Sanchez-DelBarrio
Next by Thread:  ssh tunneling to a windows box problem, Tim Nugent
Indexes:  [Date] [Thread] [Top] [All Lists]