Episode 12: Two Factors Enter, One Factor Leaves

MacAdmins.org Podcast, Episode 12: Two Factors Enter, One Factor Leaves

Your Hosts:

Guests:

  • Richard Purves, Senior Mac Consultant at REDACTED

Synopsis:

Tom, Charles and Pepijn talk with Richard Purves on the role of multi-factor authentication (MFA) in Mac systems administration, including a short history of MFA, how to work with MFA in macOS Sierra and Mac OS X. We cover a bunch of the infrastructure necessary to work with MFA, as well as tactics and strategies for their inclusion in your IT operations.

Listen!

Links

MilitaryCAC

Plink plink fizz method – Decapping Chips the strike easy hard way – Defcon Video

WARNING: Deals with either carcinogenic or flammable or corrosive chemicals. Usually a combination of two of these! Informational only: do not perform unless a trained lab chemist.

CDSA / TokenD
OpenSC

Sc_auth
Pkinit
Heimdall Version

Note that on OS X, this information is good background but doesn’t seem to work on macOS. Doing anything with the kerberos realm appears to be ignored and Apple instead looks for a file at /etc/cacconfiglogin.plist instead.

Best doc I found on this file

Methods of Smart Card working

$ sudo security authorizationdb smartcard enable

Seckey

Crypto Token Kit

ISO 7816

Mike Kaply CCK2

Centrify

Java Card

Ludovico Rousseau

Richard’s Blog Posts on Smart Cards
Part 1
Part 2

Rate Us On iTunes!

Give Us Five Stars!

Upcoming Conferences:

JAMF Nation User ConferenceRegistration open!
MacTech ConferenceRegistration open!

Sponsor MacAdmins.org Podcast!

If you’re interested in sponsoring the MacAdmins.org Podcast, please email podcast@macadmins.org for more information.

Social Media

Get the latest about the Mac Admins Podcast, follow us on Twitter! We’re @MacAdmPodcast!

Leave a Reply

Your email address will not be published. Required fields are marked *