[haiku-bugs] Re: [Haiku] #11828: Look into using one-time-passwords as secondary authentication method for baron
- From: "zooey" <trac@xxxxxxxxxxxx>
- Date: Thu, 12 Feb 2015 19:58:39 -0000
#11828: Look into using one-time-passwords as secondary authentication method
for
baron
-------------------------+----------------------------
Reporter: zooey | Owner: haiku-sysadmin
Type: task | Status: new
Priority: normal | Milestone:
Component: Sys-Admin | Version:
Resolution: | Keywords:
Blocked By: | Blocking:
Has a Patch: 0 | Platform: All
-------------------------+----------------------------
Comment (by zooey):
Centinel, jprostko: I'm impressed :-)
Once you've ironed out that last subtle detail, I think we can copy your
OTP implementation onto on of the VMs running on baron (either vmdev or
vmweb).
While thinking about the VMs, an "interesting" aspect crossed my mind:
vmrepo hosts the git repositories, so a lot of people login via ssh in
order to push any changesets upstream. The interesting part is that this
includes admins, too. We can't ask every of these users for an OTP every
time they push a changeset, so maybe we should limit the OTP requirement
to the invocation of sudo? What do you think? Would it maybe even make
sense to implement that scheme generally, i.e. only every require OTP for
sudo?
--
Ticket URL: <https://dev.haiku-os.org/ticket/11828#comment:18>
Haiku <https://dev.haiku-os.org>
Haiku - the operating system.
Other related posts:
