Am Wednesday 17 September 2008 15:04:19 schrieb Alan McKinnon: > I had thought of that, but I'm shying away from it - the admin load of > supporting that many user passwords is crippling. The users forget their > passwords or share them and write them on stciky notes...
What about one-time-passwords? In addition to a user-supplied SSH-key (whether encrypted or not)? There's J2ME-software (i.e., installable on pretty much any "normal" mobile phone) to compute OTPs for users, so you don't even need additional hardware such as RSA-Tokens, and there's no (noticeable) administration-overhead. Some intro on this which I just found on google which uses opie: http://www.heise-online.co.uk/security/One-time-passwords-for-home-users--/features/88570 -- Heiko Wundram
