HPE Community
Operating System - HP-UX
1833850 Members
2176 Online
110063 Solutions
New Discussion

Re: SecurID authentication - how?

 
Jeff Hargiss
Advisor

‎01-31-2003 11:41 AM

‎01-31-2003 11:41 AM

SecurID authentication - how?

i am looking to use securid tokens for authentication [ace server is already in place].

any idea how to point the hp-ux 11.x to use that instead of the passwd file?

i am not using ssh, and have no plans to. [the xterms don't support it]

thanks!
illegitmus non corrundum
0 Kudos
Reply
5 REPLIES 5
Jeff Schussele
Honored Contributor

‎01-31-2003 11:53 AM

‎01-31-2003 11:53 AM

Re: SecurID authentication - how?

Hi Jeff,

A couple of positions ago the corporation I worked for used SecurID.
The way it was implemented there was that you dialed (or VPN'd) into the ACE server to authenticate and THEN you could proceed with normal telnet or X-term logins.
We did not tie the ACE server to any system. It was just the gatekeeper. Once authenticated it was as if you were on the intranet. I just used Exceed or dumb ole telnet to access systems.
I don't think you want (or need) to complicate the situation by integrating ACE into HP-UX, but it's probably do-able with a custom PAM (Pluggable Authentication Module).

Rgds,
Jeff
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Jeff Hargiss
Advisor

‎01-31-2003 12:43 PM

‎01-31-2003 12:43 PM

Re: SecurID authentication - how?

thanks for the reply,

what i am having trouble with is people not keeping their passwords current on the ov collection stations.

they need to be able to log in to these boxes in case the master station has an outage.

i was thinking of using securid since we already use that on other systems.

i would use the securid for all authentication, ftp, telnet, etc.
illegitmus non corrundum
0 Kudos
Reply
Jeff Schussele
Honored Contributor

‎01-31-2003 03:30 PM

‎01-31-2003 03:30 PM

Re: SecurID authentication - how?

Hi Jeff,

By current do you mean:
A) They forget it?
or
B) They allow it to expire & their account gets locked?

If the former then I'd suggest (and not just for this reason alone) that you install & implement SSH. Then you can have them exchange keys from their workstation to the server(s) and after the first key exchange they can just ssh in.

If the latter, I'd think the better approach would be user education.

My $0.02,
Jeff (Who'd rather the horse led itself to water)
PERSEVERANCE -- Remember, whatever does not kill you only makes you stronger!
0 Kudos
Reply
Michael J Walker
New Member

‎02-17-2003 09:49 AM

‎02-17-2003 09:49 AM

Re: SecurID authentication - how?

If you figure out how to do this, publish it! I am looking to do the same, but it's more from a convenience standpoint than anything. I don't want my users (who already have securid cards) to have to change their passwords on all of the machines they have access to.
0 Kudos
Reply
Michael Langas
Advisor

‎04-09-2003 12:33 PM

‎04-09-2003 12:33 PM

Re: SecurID authentication - how?

I realize this is an old thread, but I'm hoping someone has answered it. I also want to do the same thing.

I've looked at HPs AAA server. It doesn't seem like it is really built to provide authentication to HP workstations though.

Any thoughts?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.