[NTLUG:Discuss] CiscoVPN with RSA SecureID
Stephen Davidson
gorky at freenet.carleton.ca
Thu Dec 10 19:23:39 CST 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Chris Cox wrote:
> On Thu, 2009-12-10 at 16:05 -0600, Stephen Davidson wrote:
> ...snip...
>> Hi Chris.
>>
>> Seems I left out a few words, or maybe a paragraph (sorry). I am using
>> vpnc, but they are using RSA SecureID for the Pass Tokens. So, I am
>> trying to figure out how to get these two techs to work together on a
>> Linux client. Hoping somebody on the list has an idea or two.
>
> Well.. that's what I use, but I have one that displays the
> secret part (RSA keychain device). I just enter my username,
> my pin+RSA generated secret as the password.
>
> If you have a USB device with no display, I have no idea
> how to make that work under Linux today.
>
Hi Chris.
Ok, now I see where the confusion is, sort-of, I think. No USB gadget.
Instead, from the sysadmin (who has never set up a linux client before
- -- so he's asking me to document how I got it working, if I do get it
working)
<quote>
With our Cisco VPN configuration we require an RSA software token to be
installed on your computer as well. I found the following information
regarding the RSA software token on SUSE.
http://www.softpanorama.org/Authentication/SecurID/installation_of_securid_client_on_suse.shtml
Here is the RSA web page for Linux SecurID clients.
http://www.rsa.com/node.aspx?id=1177
</quote>
Unfortunately, this seems to be dealing heavily with Servers, not
clients. I have not yet figured out how to get this working with a
linux client. The RSA install right now is complaining that I don't
have a "sdconf.rec" file. I've queried the Sysadmin about that, but he
has yet to get back to me. I am not sure if I am supposed to have a
copy of any server side files to begin with, although some documentation
I've seen suggests that file needs to be distributed to clients. Anyone
know for sure? Or is he supposed to send me some kind of Token file?
Regards,
Steve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
iEYEARECAAYFAkshnxsACgkQSphIUSiVzgawXwCeNGGD8LfbKnsm8yQoK62WEMcm
E8cAoL62BEGzzZinaZpKPSmfrZRdChm3
=caqy
-----END PGP SIGNATURE-----
More information about the Discuss
mailing list