From: Tim Neu (dctk.xchhhlfr@cloeren.com)
Date: Wed May 28 2003 - 18:15:49 EEST
On Wed, May 28, 2003 at 10:09:43AM -0500, J. Lance Cotton wrote:
> I am not serious enough to worry about the SecurID solution. I guess it's
> not a big deal, since I don't plan on remote adminstering too often.
>
> I would bet my ham license on being able to use encryption for
> authentication. I think the FCC looks more at the spirit of the rules than
> the exact (and ambiguous at times) letter of the rules. So long as you can
> show that whatever you are encrypting (password) carries no information if
> asked. The problem would just be possible abuse (I swear that 16k encrypted
> chunk of data is my password, not an order for 2000 widgets for my
> company!).
>
> I just recalled using the s/key one-time-password system at school once, so
> I will look into that. It seems to be a good solution: secure and
> low-bandwidth.
The only problem is that with a one-time authentication event, it could be fairly easy to hijack a control session in
mid-stream. (however remote the possibility may be)
One neat solution might be digitally signing each command that requires authentication - but that is out of my
league!
Good luck! 73s.
-- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- ______ _ __ Military Intelligence / ' ) ) -KC0LQL- Honest Politician / o ______ / / _ . . Intellectual Property / <_/ / / < / (_</_(_/_ -- terhi.victor@logonet.com / http://www.visi.com/~tneu -- - To unsubscribe from this list: send the line "unsubscribe linux-hams" in the body of a message to oqdufms.qpckm@mx.dy.fi More majordomo info at http://vger.kernel.org/majordomo-info.html
This archive was generated by hypermail 2b30 : Wed May 28 2003 - 18:16:17 EEST