Become a fan of Slashdot on Facebook


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - PAM Authetication via USB storage devices

Tomhet writes: "User authentication is commonly done by verifying user/password tuples. Serious administrators shouldn't use the same password for every authentication-based service, but the increasing number of per-person-accounts finally often leads to laziness (especially when accepting the "holy rules" of passwordmanagement, where passwords should be long and cryptic).

Smartcards offer a well secured alternative to passwords, but in spite of costs, a smartcard-reader is needed everytime you'd like to get authenticated on your system.

pam_usbauth is a module for Unix PAM which allows passwordsless local authentication via ordinary USB storage devices (aka USB-dongles). USBAuth supports password hashing, internal one-time-password management and USB device ID binding to provide as much security as possible, a storage device without integrated programmable logic can offer.

The module isn't based on device mounting or USB libraries, which makes it possible to authenticate before actually logging in to mount the device(s), and can even be used with MMC-, CF- and SD memory cards (if your kernel supports them).

In addition, it uses a triggering system, which makes it possible to automatically lock sessions or unmount certain (possibly encrypted) partitions on plugin- or plugout-events.

The source as well as packages for Debian can be obtained from this site (building via SVN is strongly recommended)."

Slashdot Top Deals

Money cannot buy love, nor even friendship.