My presentation from Atlanta Linux Fest on how to allow users secure access to your network using open source technologies. Examples include how to add two-factor authentication to Apache, OpenVPN, Astaro, NX etc.

1. Securing Network Access with Open Source Solutions Nick Owen 9/19/09 @wikidsystems [email_address]

4. Our Goal: Securely allow access to the network with simplicity and flexibility.

9. Who or what is connecting? Evil Princess Duck Bot Sweet Chicky Chirpalot

22. Configure Radius on Astaro

23. Enable Radius

24. Point it to the OTP or Radius server

25. Associate the Group with a VPN

26. Create A WiKID Domain

27. Create a Radius Network Client

28. Add Shared Secret

29. Done!

30. For the End-User

31. Select Domain & Enter PIN

32. Enter OTP & Connect

35. Apache Radius Example Install mod-auth-radius $ sudo apt-get install libapache-mod-auth-radius In your httpd.conf add: AddRadiusAuth radius_server:1812 shared_secret 5 AddRadiusCookieValid 60 Remember Radius is port 1812 *UDP*

36. Apache Radius Example con't Enter this into your apache2.conf: <location> Options Indexes FollowSymlinks AuthType Basic AuthName &quot;WiKID RADIUS authentication&quot; AuthBasicAuthoritative Off AuthBasicProvider radius AuthRadiusAuthoritative on AuthRadiusActive On Require valid-user </location> Restart Apache!

42. Pretty Lame Diagram VPN, SSH, HTTPS Gateway Desktop, Mail, Web Auth/Radius Server RADIUS, LDAP, etc SSH, RDP, VNC, HTTPS

46. Any questions? [email_address] @wikidsystems