HPE Community
Operating System - HP-UX
1827411 Members
5275 Online
109965 Solutions
New Discussion

Seeking Feedback on UNIX SecurID

 
Laurie A. Krumrey
Regular Advisor

‎03-21-2001 07:19 AM

‎03-21-2001 07:19 AM

Seeking Feedback on UNIX SecurID

Is anyone using UNIX SecurID, a token-based
system that requires all telnet sessions to
be challenged with a SecurID number.

If so...

How easy was it to install and implement?
Any problems or concerns I should know about?

I'm trying to decide if we should use this.

Any help here is greatly appreciated...
Thank You,
Laurie Brown
Happiness is a choice
0 Kudos
Reply
2 REPLIES 2
Patrick Wallek
Honored Contributor

‎03-21-2001 07:43 AM

‎03-21-2001 07:43 AM

Re: Seeking Feedback on UNIX SecurID

I haven't ever used SecurID, but I am familiar with something that is very similar.

I think the biggest question to ask is why are you considering this and where are your telnet connections coming from? Are all connections from within your corporate network, or are people coming in via the Internet?

If you are interested in making sure you get connections only from certain people, or IP addresses, then you should look at using the file /var/adm/inetd.sec as you can allow or deny access to the machine by IP address.

If you are getting connections from the Internet and inetd.sec will not work, then the SecurID concept may be a good one for you. Just be prepared for users that forget their passwords, challenge responses, etc.
0 Kudos
Reply
Rick Garland
Honored Contributor

‎03-21-2001 08:09 AM

‎03-21-2001 08:09 AM

Re: Seeking Feedback on UNIX SecurID

I have installed and used the SecuridID for dial-in sessions. This was useful for those working from home or sysadmins (like us!) who get calls at oh-god-thirty in the morning.

For in-house, do not see much of a need since you can restrict access as stated.

Overall, I had no trouble with the product. There is some management type work to keep track of who has what SecurID device.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.