[FreeNX-kNX] One-time password support?

[Todd A. Jacobs]

On Sat, Mar 11, 2006 at 04:43:41PM -0500, Nick Owen wrote:

> passcodes was that FreeNX kept asking for the password again and
> again, which obviously didn't work. I got a patch that solved that
> issue.  There is a how-to on it here:

On the commercial version, it doesn't seem to have that problem, but
here's what I have to do to get it working:

    1. Attempt login with SSH client.
    2. Get sequence number, but *DON'T* log in.
    3. Calculate password or read appropriate sequence off a pre-printed
       sheet.
    4. Type the (pre-)calculated password into the nxclient dialog.
    5. Connect.

So, the problems are two-fold:

    - You can't connect without knowing the next OTP in sequence ahead
      of time.

    - If OTP fails, you don't get the next authentication mechanism in
      sequence (e.g. regular password).

This is possibly more of a limitation on the client side rather than the
server, but I'm sure both are involved. Even with the FreeNX server
patch, I don't think it would really resolve the problems I'm
describing, would it?

-- 
Re-Interpreting Historic Miracles with SED #141: %s/water/wine/g