Free/Open ACE Servers?
Tsk asks: "One of the companies I work for uses ACE server for which I need a SecurID.
This works fine in a closed source Unix environment, however at home I have a mix of closed source unix, free unixes and Windows machines. I would like to be able to use my SecurID at home and thus secure my network. I'm trying to do this because I have a client that only has BSD/Linux servers, who would like to implement a SecurID-based solution. I did a Google search already using 'ACE server Open' and 'ACE server Free' and received no results. I'm wondering if such a setup is doable, if the software to build it is available?"
The algorithm was posted last year to Bugtraq by a Russian who decompiled one of the PalmPilot software tokens. Therefore it is technically possible to create your own ACE clone server.
However, I'm sure that if you tried to distribute it, RSA would come after you with a big stick.
Your real practical problem, however, is that even if you coded a clone authentication server, you need the seed for your particular token in order to make it work. Unless you are good friends with the ACE administrator at your work, this is unlikely to happen.
Part of SecurID's security is that you need RSA to create the seed for you unless you can copy that seed for your home network and use it there. Since this is your own home network anyway, use S/Key instead for a similar one-time pad security solution:
http://www.ece.nwu.edu/CSEL/skey/skey_eecs.html
Kris
Kriston
I didn't have time earlier, but for those interested, here is the original Bugtraq post by 'I.C. Weiner' (those Russians are so funny.. and modest too!) detailing the RSA SecurID Algorithm.
And for those really interested in the topic, here is Vin McLellan's excellent response detailing why publication of the algorithm does nothing to hurt the security of the system.
One last thing.. some people are saying that ACE will only run on Windows or Solaris. According to my ACE/Server 5.0 Install Guide for UNIX, it is also supported on AIX and HP-UX. The Guide also seems to suggest that it may run on other unices, but would not be supported by RSA.
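The S/Key suggestion above works without a vendor-issued seed because the user builds the hash chain themselves. The sketch below is an added example, not part of the thread and not S/Key's own code or wire format: it uses SHA-256 in place of the hash S/Key specifies, and the names `otp`, `Verifier`, `demo` and the sample values are assumptions.

```python
import hashlib
import hmac


def chain_step(value: bytes) -> bytes:
    """One application of the one-way function (SHA-256 here, an assumption)."""
    return hashlib.sha256(value).digest()


def otp(passphrase: str, seed: str, n: int) -> bytes:
    """Client side: the password for sequence number n is H applied n times."""
    value = (seed + passphrase).encode()
    for _ in range(n):
        value = chain_step(value)
    return value


class Verifier:
    """Server side: stores only the last accepted password, never the passphrase."""

    def __init__(self, initial: bytes, count: int):
        self.stored = initial   # H^count(seed + passphrase)
        self.count = count      # sequence number of the stored value

    def check(self, candidate: bytes) -> bool:
        if self.count <= 1:
            return False  # chain exhausted; the user must re-initialise
        # A valid password is the preimage of the stored value.
        if not hmac.compare_digest(chain_step(candidate), self.stored):
            return False
        self.stored = candidate  # a replay of this password now fails
        self.count -= 1
        return True


def demo() -> list:
    # Constructed sample values; the user picks these, no vendor is involved.
    passphrase, seed, length = "correct horse battery", "home01", 100
    server = Verifier(otp(passphrase, seed, length), length)
    first = otp(passphrase, seed, length - 1)
    return [
        server.check(first),                               # fresh password
        server.check(first),                               # replayed password
        server.check(otp(passphrase, seed, length - 2)),   # next in sequence
        server.check(otp("wrong guess", seed, length - 3)),
    ]


if __name__ == "__main__":
    print(demo())
```

The server never holds anything that lets it compute the next password, so a copy of its stored value does not help an eavesdropper log in.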