s/key authentication for Apache on FreeBSD?

[Mark Murray]

Brett Glass writes:
> After considering the readily available alternatives, I'd like to
> try using s/key one-time passwords with "basic" authentication (which 
> works on most browsers). But how do I lash Apache and s/key together
> under FreeBSD, and get Apache to require s/key passwords from all
> IP addresses outside the owner's home network? (Apache doesn't have
> a mod_auth_skey module, so I'd probably have to cobble this together
> with mod_perl -- or via PAM, with which I have virtually no experience.)
> All suggestions as to the most efficient way to construct a solution
> will be most welcome.

PAM is the most sensible. Once set up, it hands over a whole lot of
policy to one set of config files, and this makes sysadmins jons much
easier.

Learning PAM is well worth your while.

M
--
Mark Murray
iumop ap!sdn w,I idlaH