Best 2 factors authentication for SSH and Apache 2.4
I have a high secure environment (PCI DSS Level 1 compliant) based on RHEL 5, I am using Apache as front-end for the application layer and of course SSHd to login into the servers.
My question is:
I need to apply a 2 factors auth for both Apache and SSHd, what is the best solution that can be easily integrated with both systems (trough PAM or some apache module) with less costs and headache?
At the moment we are using RSA tokens in other systems but I don't think it's the best solution and anyway isn't cheap (200$ for a soft token on the smartphone is just too much.)
If you need more informations don't hesitate to ask!
Thanks in advance,