authentication with hardware device identification??
David Southwell
david at vizion2000.net
Fri Jan 15 14:36:04 UTC 2010
Hi
I want to be able to permit ssh access to servers over the internet in a way
that limits that access to specific hardware (i.e. laptops with known hardware
configurations and devices). So I am looking for some additional layer of
security on top of the normal private key & certificate system in a way that
would enable me to configure a pf rule that would, as an addition to other
rules, only pass external connections to ssh port from external systems
having the correct hardware/device specifications.
One way of doing this might be to filter looking for a packet containing the
required information in encrypted form. If the data is valid then the
originating IP address might (for example) be added for a limited time to a
pass rule which would then enable the system to connect to the ssh port to
login.
Is this achievable?
David
More information about the freebsd-ports
mailing list