* [slightly OT?] TOTP gateway for any service on any server
@ 2014-09-20 13:50 Sitaram Chamarty
2014-09-20 14:46 ` Andrew Latham
0 siblings, 1 reply; 2+ messages in thread
From: Sitaram Chamarty @ 2014-09-20 13:50 UTC (permalink / raw)
To: Gitolite Google Groups, git@vger.kernel.org
Hi all,
I've just created a general purpose TOTP "gatekeeper" that is designed
to gate access to any service on any server/OS (as long as traffic can
only go *through* the TOTP gatekeeper).
The inspiration was Konstantin Ryabitsev's implementation of two-factor
authentication for kernel.org -- from which I got the idea of "use TOTP
to whitelist an IP for some time".
I then extended it to protect any TCP port on any server behind the
gatekeeper. http://gitolite.com/totport/ is the documentation, and the
source is linked there.
I'd welcome any feedback but please be mindful of the fact that deep
discussion may veer way off-topic for the git or gitolite mailing lists,
although I hope I won't get flak for *this* email :-)
sitaram
--
You received this message because you are subscribed to the Google Groups "gitolite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gitolite+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [slightly OT?] TOTP gateway for any service on any server
2014-09-20 13:50 [slightly OT?] TOTP gateway for any service on any server Sitaram Chamarty
@ 2014-09-20 14:46 ` Andrew Latham
0 siblings, 0 replies; 2+ messages in thread
From: Andrew Latham @ 2014-09-20 14:46 UTC (permalink / raw)
To: Sitaram Chamarty; +Cc: Gitolite Google Groups, git@vger.kernel.org
Sitaram
Looks good and can be very useful. I can even image some edge cases of
using this in automation. Will have to find the time to test this.
On Sat, Sep 20, 2014 at 8:50 AM, Sitaram Chamarty <sitaramc@gmail.com> wrote:
> Hi all,
>
> I've just created a general purpose TOTP "gatekeeper" that is designed
> to gate access to any service on any server/OS (as long as traffic can
> only go *through* the TOTP gatekeeper).
>
> The inspiration was Konstantin Ryabitsev's implementation of two-factor
> authentication for kernel.org -- from which I got the idea of "use TOTP
> to whitelist an IP for some time".
>
> I then extended it to protect any TCP port on any server behind the
> gatekeeper. http://gitolite.com/totport/ is the documentation, and the
> source is linked there.
>
> I'd welcome any feedback but please be mindful of the fact that deep
> discussion may veer way off-topic for the git or gitolite mailing lists,
> although I hope I won't get flak for *this* email :-)
>
> sitaram
>
> --
> You received this message because you are subscribed to the Google Groups "gitolite" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to gitolite+unsubscribe@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
~ Andrew "lathama" Latham lathama@lathama.com http://lathama.net ~
--
You received this message because you are subscribed to the Google Groups "gitolite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gitolite+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-09-20 14:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-09-20 13:50 [slightly OT?] TOTP gateway for any service on any server Sitaram Chamarty
2014-09-20 14:46 ` Andrew Latham
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.