gnumed-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Gnumed-devel] Hosting an encrypted pythonic simplehttp GNUmed serve


From: Jim Busser
Subject: Re: [Gnumed-devel] Hosting an encrypted pythonic simplehttp GNUmed server
Date: Sun, 01 Aug 2010 10:56:34 -0700

On 2010-08-01, at 12:58 AM, Sebastian Hilbert wrote:

> Now I understand where you one-time password quest comes from.

Yes, certainly if practicality demands that you use non-owned machines to log 
in remotely with web browser. I like to hope that the hospital machines are 
only minimally infected but you cannot know that, for sure, either when it 
turns out any OS has vulnerabilities with exploits found in the wild.

Luke already quickly looked into Yubikey

        e.g. http://www.yubico.com/files/YubiKey_in_Linux_Journal.pdf

and figured likely it has to go in at the postgresql level, because it's 
postgresql that's doing the authentication, that means probably doing this as 
PAM, because postgresql can "hand off" to underlying unix.

There exists yubico-pam and ... many yubico server implementations _use_ 
postgresql as the back-end for storage of the OTP keys.

greaaaat.

As far as https, I don't know whether what you found might be the preferred way

        
http://code.activestate.com/recipes/442473-simple-http-server-supporting-ssl-secure-communica/

rather than apache as per here

        http://blog.elzapp.com/docs/apache-proxy

-- Jim




reply via email to

[Prev in Thread] Current Thread [Next in Thread]