Smart Card Admin Authentication



  • Hi fellows,

    I was wondering two things:

    1. Is it possible to change the default username from Admin to something else?
    2. Is there any chance to integrate additional identification to the admin webpage, for example Smart Card authentication in addition to normal username/password authentication?

    Regarding the second query, my idea is when I connect to my router admin webpage, before login, a pop-up window comes asking to input smart card into a reader and after successful user/pass authentication and smart card authentication the router gives you access to the admin interface. Is that possible?

    I'm looking forward to hearing from you fellows.

    –-
    Kind Regards,
    Nikolay



  • I second this motion.

    I use a Yubikey for a lot of my sites which helps increase security quite a bit.  Having something like a smartcard or even a OAUTH mechanism would be fantastic!



  • Me too. I'd like to see something like One Time Password devices supported (those tokens with just an LCD screen and a button), and support for these in OpenVPN too.



  • @medfordite:

    I second this motion.

    I use a Yubikey for a lot of my sites which helps increase security quite a bit.  Having something like a smartcard or even a OAUTH mechanism would be fantastic!

    Yeah, we're looking into it.  Everyone at Netgate / ESF is getting a yubikey.
    I'm considering them as an optional access to the ESF websites, too.



  • i am willing to pay for Smart card authentication if it can also be integrated into Openvpn along with Webui login.

    -It would be really cool if we can change the default Admin login name.



  • I found this on the web, Nitro Key

    User authentication on local computers (e.g. Windows, Linux) and networks (e.g. Firefox, OpenSSH,
    OpenVPN, IPSec, OpenID).