From mboxrd@z Thu Jan 1 00:00:00 1970 From: William Ahern To: 9fans@cse.psu.edu Subject: Re: [9fans] pop3 before smtp Message-ID: <20030711150306.GB26212@wilbur.25thandClement.com> References: <967768cb40aa71d536446da30109cc15@plan9.bell-labs.com> <01ed01c34740$aa416f80$b9844051@insultant.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <01ed01c34740$aa416f80$b9844051@insultant.net> User-Agent: Mutt/1.5.4i Date: Fri, 11 Jul 2003 08:03:06 -0700 Topicbox-Message-UUID: f604fa22-eacb-11e9-9e20-41e7f4b1d025 On Fri, Jul 11, 2003 at 02:09:15AM +0200, boyd, rounin wrote: > at some point when the bank [french] were talking about doing > X.509 stuff and random things with their clients i suggested > they stuck the certs on a chip/smart card (the things being > rampant in france since a govt decree in 1991) and jamming > it into a reader. when it dies it's dead and then you use some > other channel to renew it. > I bought a 10-pack of Schlumberger cryptocards (RSA operations computed on-chip, plus the USB controller is on-chip so there's no need to carry around a card reader everywhere). I've been meaning to setup a completely password-less system for login to my personal machines, as well as authentication to my servers via ssh. Now I'm writing an Apache module to interface w/ BSD Auth (similar to PAM), so it can all integrate w/ the web sites as well. The only problem is I can't get the damn thing to get recognized in Linux.... Supposedly everybody and their uncle has gotten it to work in a snap. *sigh* Interactive password systems stink, but like many other sticky subjects, where's the alternative? (tho in an all Windows environment I've read its fairly workable).