How do all,
I just had a cool idea for strengthening SSH logins without resorting to key-based logins:
DISCLAIMER: I haven't researched this nor do I know if someone's had this idea before, I could very well be the last person to think of this, not the first. Not only that but it could also just be an all around crappy idea
Setup SSH to accept password logins. After a successful password login somehow trap the user/shell and present them with another login. This login would consist of another random password that was just generated on the fly and is sent via text message to a pre-defined cellphone number (maybe even one specific to whichever user you logged in as). After you've received the second, and one off, login via cellphone you enter it and login.
I was just thinking of a way to allow myself SSH access from various locations to my server without having to carry around my private key and also without going with only password protection.
This really isn't overly bright or unique as plenty of places have instituted similar two-factor authentication systems - I just wouldn't want to have to purchase one of those cool little random number login generators (if you've seen them you know what I mean).
Anyhow, what does LQ think? Do-able? Already done? Poor idea?
Enjoy