hardware preauthentication in krb5-1.3-beta4
kenh at cmf.nrl.navy.mil
Tue Jul 15 07:16:49 EDT 2003
>Just a thought, perhaps the challenge should be used as a source of
>entropy. The user consumable
>portion of the challenge can be augmented with additional randomly
>generated bytes. This
>approach permits the continued use of a classic hardware token and
>provides a semi user centric experience.
I don't see how you could do that, since the challenge has to be transmitted
in the clear (there's nothing to encrypt it with).
More information about the krbdev