Jump to content

This is the support site for Andrews & Arnold Ltd, a UK Internet provider. Information on these pages is generally for our customers but may be useful to others, enjoy!

FireBrick OTP: Difference between revisions

FireBrick OTP (view source)

Revision as of 12:04, 17 February 2011

770 bytes added ,  17 February 2011
→‎Password and OTP example
</syntaxhighlight>
With this, bob will need to log in to the FireBrick using the password of <opt><password> - is the opt value followed by his password.
 
===Restricting Access===
This isn't really OTP related, but user related.
A user can be given a list of IPs (or an IP group) that they are only allowed to log in from.
So, we may want a user that doesn't use the OTP, but is restricted to certain IPs that he can log in from. eg, we can list the LAN IPs, and perhaps some known remote IPs too. -this will also help in the event of the OTP device being lost!
We can then set a user that is not restricted by IP address, which means that you can log in to the FireBrick from anywhere as long as you use the OTP as well -so security is tighter as both a password and the OTP are required. eg
<syntaxhighlight>
<user name="bob" timeout="PT1H" otp="Bobs keyring" comment="OTP token" password="secret"/>
</syntaxhighlight>
AA-Andrew
autoreview, Bureaucrats, editor, Interface administrators, reviewer, Administrators
12,290

edits

Retrieved from ‘http://support.aa.net.uk/Special:MobileDiff/695