#11828: Look into using one-time-passwords as secondary authentication method for baron -------------------------+---------------------------- Reporter: zooey | Owner: haiku-sysadmin Type: task | Status: new Priority: normal | Milestone: Component: Sys-Admin | Version: Resolution: | Keywords: Blocked By: | Blocking: Has a Patch: 0 | Platform: All -------------------------+---------------------------- Comment (by zooey): Centinel, jprostko: I'm impressed :-) Once you've ironed out that last subtle detail, I think we can copy your OTP implementation onto on of the VMs running on baron (either vmdev or vmweb). While thinking about the VMs, an "interesting" aspect crossed my mind: vmrepo hosts the git repositories, so a lot of people login via ssh in order to push any changesets upstream. The interesting part is that this includes admins, too. We can't ask every of these users for an OTP every time they push a changeset, so maybe we should limit the OTP requirement to the invocation of sudo? What do you think? Would it maybe even make sense to implement that scheme generally, i.e. only every require OTP for sudo? -- Ticket URL: <https://dev.haiku-os.org/ticket/11828#comment:18> Haiku <https://dev.haiku-os.org> Haiku - the operating system.