[lug] Re: Second hand security cards (Mike Stanczyk)

Brian Stiff bstiff929 at yahoo.com
Thu Dec 23 19:57:02 MST 2004

The SecurID tokens will work with Linux, in a sense.
To get these things working, you'll need the back end
auth server that your authenticated resources are able
to talk to.  IIRC, the server offers a RADIUS option,
as well as a few other AAA protocols, as well as their
proprietary ("propriarary?")  protocol.  SecurID cards
are part of a "two-factor" authentication system,
where the token generates a new PIN code every 60
seconds or so, which is synchronized with the back-end
server.  When you log in, you must present your
username as well as the PIN code generated by the fob,
plus your private password.  The whole mess is passed
off to the back-end which knows your username, your
passcode, and is synced with the PINs generated by the
fob.  This is an example of how two-factor systems
work, where you must have the fob's PIN, plus your
secret passcode.  One without the other is no good.

The fobs are useless without the server, unless you
want a bulky lump on your keychain that generates a
seemingly random string every sixty seconds.  If you
can find a torrent for the server, these are worth
something; otherwise, they're about the nerdiest
novelty you'll ever pay too much money for.
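
Added example, not part of the original message and not RSA's code: a minimal back-end check of the kind the post describes, where a login succeeds only when both the fob's code and the secret passcode are right. SecurID's code algorithm is proprietary, so an RFC 6238-style HMAC code with a 60-second step stands in for it; the AuthServer class, its methods and all sample values are constructed for illustration.

```python
import hashlib, hmac, struct

STEP = 60  # seconds each fob code stays valid, per the post

def fob_code(seed: bytes, t: int, digits: int = 6) -> str:
    """Code shown at Unix time t. RFC 6238-style stand-in, not SecurID's algorithm."""
    mac = hmac.new(seed, struct.pack(">Q", t // STEP), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)

def hash_passcode(passcode: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", passcode.encode(), salt, 100_000)

class AuthServer:
    """Hypothetical back end holding each user's fob seed and passcode hash."""
    def __init__(self):
        self.users = {}

    def enroll(self, user, passcode, seed, salt):
        self.users[user] = {"seed": seed, "salt": salt,
                            "hash": hash_passcode(passcode, salt), "last": -1}

    def verify(self, user, passcode, code, now, drift=1):
        rec = self.users.get(user)
        if rec is None:
            return False
        # Factor 1: something you know. Always computed, compared in constant time.
        know = hmac.compare_digest(hash_passcode(passcode, rec["salt"]), rec["hash"])
        # Factor 2: something you have. Accept +/- drift steps of clock skew,
        # but never a step at or before the last one accepted (replay).
        matched = None
        cur = now // STEP
        for step in range(cur - drift, cur + drift + 1):
            expect = fob_code(rec["seed"], step * STEP)
            if step > rec["last"] and hmac.compare_digest(expect.encode(), code.encode()):
                matched = step
        if know and matched is not None:
            rec["last"] = matched
            return True
        return False

if __name__ == "__main__":
    srv = AuthServer()
    srv.enroll("alice", "hunter2", b"constructed-seed", b"constructed-salt")  # sample values
    now = 1_103_857_022
    print(srv.verify("alice", "hunter2", fob_code(b"constructed-seed", now), now))  # True
```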
