On Thu, Nov 27, 2008 at 8:40 PM, <im_ciobica@...> wrote:
> Hi,
>
> I just joined this group. It is still active?

Still in service, not a lot of activity since the product changed owners.

That may in part be just a testament to the stability of the SecurID product :)

I haven't been posting because my former employer had chosen to retire
their SecurID deployment in favor of Microsoft Active Directory with
reusable passwords -- I felt so shamed by this business decision thatI
couldn't show my face here :)


> Anyone managed to install a SecureClient (like the ones from Check
> Point) to use a SecurID token with Linux? Or any other way to use the
> SecurID with Linux?

For supported platforms, you can use the official "agent" to directly
authenticate for OS services, this is usually a local PAM agent
talking the proprietary protocol to the SecuriD server. Same goes for
Apache web servers.

For unsupported platforms, I've had mixed luck using a generic RADIUS
agent to talk to a RADIUS service runing on the SecurID server. I
have seen issues where this leads to tokens being more likely to go
into "next tokencode" mode. Same goes for Apache web servers and
mod_auth_radius.


Kevin