s/key authentication for Apache on FreeBSD?
markm at freebsd.org
Wed Dec 10 11:30:15 PST 2003
Brett Glass writes:
> After considering the readily available alternatives, I'd like to
> try using s/key one-time passwords with "basic" authentication (which
> works on most browsers). But how do I lash Apache and s/key together
> under FreeBSD, and get Apache to require s/key passwords from all
> IP addresses outside the owner's home network? (Apache doesn't have
> a mod_auth_skey module, so I'd probably have to cobble this together
> with mod_perl -- or via PAM, with which I have virtually no experience.)
> All suggestions as to the most efficient way to construct a solution
> will be most welcome.
PAM is the most sensible. Once set up, it hands over a whole lot of
policy to one set of config files, and this makes sysadmins jons much
Learning PAM is well worth your while.
iumop ap!sdn w,I idlaH
More information about the freebsd-security