Mario Misic <mario @
hr> queried the List:
>Is there anybody who use Livingston RADIUS-2.0 Security Server ?
>I have a few questions about it!
>Does Radius 2.0 support one time password?
Yes, Livingston integrated direct support for SDTI's two-factor
ACE/SecurID into Radius 2.0. The SecurID is a hand-held authenticator, a
token, which generates a pseudo-random number which changes every 60
seconds. (The ACE Agent in Radius 2.0 will also support SoftID, SDTI's
wholly software token emulator for WIN PCs.) ACE/SecurID support is a part
of the RADIUS user profile and can be selectively implemented for some,
all, or none of individual user accounts.
The ACE/Server can even be run on the same hardware platform as the
Radius Security Server (but note that while Radius supports NT and nine or
ten flavors of UNIX; the ACE/Server rides only NT and the big four
commercial versions of UNIX.) Visit http://www.livingston.com or
http://www.securitydynamics.com (a client of mine) for details.
>Is it possible to use encrypction between client and Radius 2.0 server?
Radius (Remote Authentication Dial In User Service Security and
Accounting) is a distributed client/server authentication system only.
Interaction between the Radius Agent/Client (based in a
communication server like Livingson's Portmaster or a network access
server) and the Radius Server is limited largely to Identification &
Authentication data -- and that data is always encrypted as it is passed
back and forth.
"Cryptography is like literacy in the Dark Ages. Infinitely potent, for
good and ill... yet basically an intellectual construct, an idea, which by
its nature will resist efforts to restrict it to bureaucrats and others who
deem only themselves worthy of such Privilege."
_ A thinking man's Creed for Crypto/ vbm.
* Vin McLellan + The Privacy Guild + <vin @
53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548