Articles by nowen

  • Configuring SSH To Use Freeradius And WiKID For Two-Factor Authentication

    Author: nowenTags: Comments: 2

    Configuring SSH To Use Freeradius And WiKID For Two-Factor Authentication Radius is a great standard. It is powerful enough to accomplish a great deal and simple enough to be easy to handle. Freeradius is an excellent, open source radius server that ships with many Linux variants. It is well documented and well supported. The WiKID Strong Authentication server is a commercial/open source two-factor authentication system that uses public key encryption to transmit PINs and one-time passcodes securely to software tokens running on Blackberries, cell phones, Palms, PocketPCs or, using the J2SE client, Linux, Macs and Windows PCs. You can think of WiKID like certificates, but without the hassles of white lists/black lists and more secure - because the PIN is validated on the server preventing offline brute-force attacks.

  • How to configure Squid for two-factor authentication from WiKID

    Author: nowenTags: , , Comments: 0

    How to configure Squid for two-factor authentication from WiKID In this guide we will show how Squid can be configured to support two-factor authentication from a WiKID server, allowing users to be centrally authenticated, but their requests still distributed for efficiency.

  • How to configure OpenVPN to use WiKID Strong Authentication

    Author: nowenTags: Comments: 0

    How to configure OpenVPN to use WiKID Strong Authentication The WiKID Strong Authentication System  is a commercial/open source two-factor authentication solution.  This guide demonstrates how to OpenVPN and SSH to use one-time passwords from WiKID.  While both solutions support private key authentication, that may not be sufficient for your requirements; you may need one-time passwords for webmail or extranet access; or centralized authentication management and logging.

  • How To Configure Apache To Use Radius For Two-Factor Authentication On Ubuntu

    apache Author: nowenTags: , , , Comments: 1

    How To Configure Apache To Use Radius For Two-Factor Authentication On Ubuntu This document describes how to add WiKID two-factor authentication to Apache 2.x using mod_auth_radius on Ubuntu 8.1. A previous article described how to add two factor authentication to apache on Fedora. Interestingly, a patch has been created to update mod_auth_radius to work with Apache 2.2+, however, it has only been updated for Debian and Ubuntu. For Fedora and other RedHat flavors of Linux, it is recommended that you use mod_auth_xradius.

  • Secure SSH Using WiKID Two-Factor Authentication And TACACS+

    Author: nowenTags: , Comments: 0

    Secure SSH Using WiKID Two-Factor Authentication And TACACS+ These instructions are designed to help you configure and test using the WiKID TACACS+ protocol module via Linux PAM on Red Hat. This document has been updated to cover pam .99 and higher. We assume that you have already installed the open-source WiKID Strong Authentication Server Community Edition.

  • How To Secure Postgresql Using Two-Factor Authentication From WiKID

    Author: nowenTags: , Comments: 0

    How To Secure Postgresql Using Two-Factor Authentication From WiKID Databases are the key repository for critical data.  If you are storing information that needs to be kept secure from prying eyes, especially credit card or personally identifiable information (PII) you might be required to control access using two-factor authentication.  This tutorial demonstrates how to secure Postgresql with two-factor authentication from WiKID.

  • How To Add WiKID Two-Factor Authentication To The Astaro Security Gateway

    Author: nowenTags: Comments: 0

    How To Add WiKID Two-Factor Authentication To The Astaro Security Gateway Astaro is a very popular Linux-based "all-in-one" security appliance offering spam filtering, malware protection, firewall, VPN, etc. The WiKID Strong Authentication Server is a dual-source two-factor authentication system. PINs are encrypted on a software token and sent to the WiKID server. If the PIN is correct, the encryption valid and the account active, a one-time password is generated, encrypted and returned to the user's token where it is decrypted and presented for use with a network-based services. This document will show how to add WiKID two-factor authentication to the Astaro Security Gateway version 7 using Radius.

  • How to add two-factor authentication to Google Apps for your Domain using open source software

    Author: nowenTags: , , , Comments: 2

    How to add two-factor authentication to Google Apps for your Domain using open source software Everybody loves GMail. With Google Apps for you Domain, you can use GMail with your own domain, allowing organizations to outsource their email - and the requisite anti-spam filtering to Google. Webmail is very convenient, but for frequent travellers and those who use public wifi, it can be quite dangerous. Logging in from a kiosk or shared computer is a sure way to get your username and password stolen by a keystroke logger. Using a public WiFi system can lead to a man-in-the-middle attack. In this document we will take advantage of two open source projects to add two-factor authentication to Google Apps. The first is Gheimdall, a a TurboGears project for Google Apps SSO service. Gheimdall supports PAM and LDAP authentication natively. It also includes sample code to add new authentication methods, which made it very easy to add two-factor authentication from WiKID. WiKID is a dual-source two-factor authentication solution that uses public key cryptography to strongly authenticate users.

  • How to Secure VSFTP with SSL and Two-factor Authentication

    Author: nowenTags: , Comments: 0

    How to Secure VSFTP with SSL and Two-factor AuthenticationRecently, there was a report from Finjan that administrator credentials for over 9,000 FTP servers were for sale. Then, F-Secure noted an increase in FTP-based attacks. Many companies and organization still use FTP extensively. If you're running an FTP server and you think you're admin credentials might be one of those 9,000, you should consider implementing two-factor authentication for SSH, which will then also give you two-factor authentication for SCP. This document shows how to configure the popular and secure VSFTP to use SSL for encryption and WiKID for two-factor authentication for your FTP users.

  • How to install the WiKID Strong Authentication Server - Community Edition

    Author: nowenTags: Comments: 0

    How to install the WiKID Strong Authentication Server - Community Edition The WiKID Strong Authentication Server is a dual-source two-factor authentication system. PINs are encrypted on a software token and sent to the WiKID server. If the PIN is correct, the encryption valid and the account active, a one-time password is generated, encrypted and returned to the user's token where it is decrypted and presented for use with a network-based services. While there are a number of tutorials on how to combine WiKID's two-factor system a variety of systems (such as SSH, OpenVPN, Apache and SSL-VPNs), this is the first to address how to install the WiKID Server.