Smartcard and non-password methods (was Re: Password repository)

Christopher Morrow morrowc.lists at
Mon Nov 23 04:52:36 UTC 2009

On Sat, Nov 21, 2009 at 10:45 PM, Scott Howard <scott at> wrote:
> On Sat, Nov 21, 2009 at 6:38 AM, John Levine <johnl at> wrote:
>> > Are passwords still the only lowest-common-denominator?
>> There's OpenID, where a provider can use any verification process it
>> wants, but all the OpenID providers I know use ordinary passwords.
> I'm currently trialing Yubico's for access to a number of Unix systems (via
> PAM), and they seem to work very well.  Haven't played around with the

+1 for yubico's simplicity to setup/use. They also support a 'run your
own auth server' model, so if you've got a closed system you don't
have to find a way to sneak out http/s links to yubico-land.

> OpenID support, so I can't comment on if/how well it works.

I have not used their openid support either... but it looks promising.


More information about the NANOG mailing list