a user security hole in mindterm's ssh 2 applet

[Noella Pierlet]

This is our setup: we use the digipass-300-device from Vasco Data Securities.
(www.vasco.com) Those devices generate one-time passwords. Vasco has libraries
which enable you to write a pam-library that does the authentication. OpenSSH is
pam-enabled, so there you are.  For mindterm, this is completely transparant.


regards,

Noella

arseth2 wrote:

> Can OpenSSH sshd be set up to use one time passwords?
> Does it come with utilities to genereate one time passwords which can be sent
> to users?
>
> Arne