[Beowulf] One time password generators...

Nifty Tom Mitchell niftyompi at niftyegg.com
Thu Mar 26 21:36:57 PDT 2009


On Thu, Mar 26, 2009 at 10:28:12AM -0400, Robert G. Brown wrote:
> Subject: Re: [Beowulf] One time password generators...


Scanning back I did not see VPN as a component
of a solution.  Perhaps I missed it.

Layered security should be part of most projects... IMO
It makes sense to me that the keyboard box 
find itself well inside a DMZ zone with the only 
"live" network being the secured net.

It may be that a VPN solution with integrated OTP 
support will prove easier to evaluate, justify, install, support
and REPLACE.   

Once inside the VPN, ssh and friends might be used 
to manage resources (in contrast to access).

One value of this is that once inside the VPN, cluster tools and applications
can use different access methods as apropriate to the task at hand.
I.e. I cannot see a per host OTP solution for an MPI cluster or
multiple NFS server mounts.

Later,
mitch


-- 
	T o m  M i t c h e l l
	Found me a new hat, now what?




More information about the Beowulf mailing list