a list of OTPs would be sufficient if i didn't think i'd end up regularly issuing new lists to users. if there is any "good" solution of the sort i describe above, i would appreciate pointers from more knowledgeable folks.
cheers, jake --
would like to lock "random" users out of the services that are hosted on
machines here and remember LLNL, etc, using a RSA secureID to effect
this back in the day: you had to enter your secureID string before being
able to ssh into your user account through the firewall. i am aware that
the secureID uses a closed-source algorithm to generate its codes and is
thus, IMO, not a desirable solution. the goal is to allow only users
with (1) a hardware token and (2) the correct passwords to access
services (IMAPS, etc) on openbsd machines.
- seeking hardware token recommendations Jacob Yocom-Piatt
