Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

vncserver with SMS OTPs?

Posted on 2012-12-27
1
Medium Priority
?
350 Views
Last Modified: 2013-01-25
Hi all,

I am trying to improve the security of vnc remote access to a particular server (RHEL 5.0) which is used to perform administrative functions in the production network for my team.

I wish to implement a sms-otp type security mechanism to secure authentications to the user connections to the vncserver service.

Anyone has any ideas or experience on how do i go about implementing this?

Thanks!
0
Comment
Question by:jaglin
1 Comment
 
LVL 65

Accepted Solution

by:
btan earned 800 total points
ID: 38729030
Another proxy at the front before granting service ... below example for info

http://www.rcdevs.com/products/openotp/smsotp.php

https://devcentral.f5.com/tech-tips/articles/one-time-passwords-via-an-sms-gateway-with-big-ip-access-policy-manager

Other (not SMS based ....)

Setup Two-Factor Authentication using OpenOTP
http://www.linuxforu.com/2011/08/setip-two-factor-authentication-using-openotp/

Setup Two-Factor Authentication using Google Authenticator and Secure Gateway
https://devcentral.f5.com/tech-tips/articles/two-factor-authentication-with-google-authenticator-and-ldap
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware - Defeated! Client opened the wrong email and was attacked by Ransomware. I was able to use file recovery utilities to find shadow copies of the encrypted files and make a complete recovery.
Let's take a look into the basics of ransomware—how it spreads, how it can hurt us, and why a disaster recovery plan is important.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question