Anyone doing this for PCI requirements?

What are you using for two factor authentication?

Why did you choose it over any other options considered?

I have gotten a couple of responses suggesting Google_Authenticator but haven't found anything for using that on RHEL (I did find tutorials for Ubuntu).

Also saw recommendation for Duo which looks interesting. Anyone using that who wants to share?
https://www.duosecurity.com/

I did find information saying RHEL6 includes the ability to do two factor authrentication which suggests RHEL5 didn't. Anyone know if that is true?

I use Duo Security for UNIX to protect one of my servers. It actually works pretty well. A login request is pushed to the iOS app.

There are multiple other ways to provide two-factor authentication though. Millions of tutorials on the web too.

1 members found this post helpful.

We've been using RSA SecurID in my organization, and it's worked pretty well (I even have it running on a few Debian boxes). Asministering the server is pretty straightforward, but there are some annoyances (e.g. the new token files can only be decrypted using Windows). I didn't make the decision on RSA; the security tean decided on it for a variety of reasons.

Before that, I had been looking into YubiKeys. I even got so far as to set up a test infrastructure. The software was rather rough around the edges, but it seemed to work well once set up/

1 members found this post helpful.