PuTTY Challenge for PIN Needed

Showing results for 
Search instead for 
Do you mean 
Reply
Participant II
Posts: 8
Registered: ‎04-29-2015
#1 of 2 350

PuTTY Challenge for PIN Needed

This is a follow-up to a post I made almost 3 years ago: PuTTY prompt for PIN

 

This topic has resurfaced (DOD systems).  We are being requested to challenge the user for their PIN whenever they log into a server using PuTTY.  This requirement is to bring the Linux systems in line with the way Windows RDP sessions are authenticated.  Evidently, SSO does not satisfy this requirement.

 

Can this be implemented?  It looks like the underlying framework is there.  If it cannot we need to start looking for a solution elsewhere or modify the source code ourselves to take advantage of multiple smart card tokens.

 

Centrify
Posts: 9
Registered: ‎03-23-2017
#2 of 2 317

Re: PuTTY Challenge for PIN Needed

Please kindly check the following information.

At the moment Linux and Unix access via SSH does NOT provide remote access to the Smart Card, nor does SSH support PKI based authentication (something we are looking into adding, but it's not there today).


For PuTTY challenge with PIN, there is an open-source SSH client PuTTY-CAC for Windows which supports smartcard authentication, particularly using the US Department of Defense Common Access Card (DoD CAC) as a PKI token. Also, Centrify is looking to adapt this integration in our future release.

Site:
https://risacher.org/putty-cac/index-old.html