From owner-freebsd-questions@FreeBSD.ORG  Fri Dec 16 13:08:51 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E55B216A41F
	for <questions@freebsd.org>; Fri, 16 Dec 2005 13:08:51 +0000 (GMT)
	(envelope-from on@cs.ait.ac.th)
Received: from mail.cs.ait.ac.th (mail.cs.ait.ac.th [192.41.170.16])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 4744843D4C
	for <questions@freebsd.org>; Fri, 16 Dec 2005 13:08:49 +0000 (GMT)
	(envelope-from on@cs.ait.ac.th)
Received: from banyan.cs.ait.ac.th (banyan.cs.ait.ac.th [192.41.170.5])
	by mail.cs.ait.ac.th (8.12.11/8.12.11) with ESMTP id jBGD8eNL096702
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO);
	Fri, 16 Dec 2005 20:08:40 +0700 (ICT)
Received: (from on@localhost)
	by banyan.cs.ait.ac.th (8.13.1/8.12.11) id jBGD8c0V002949;
	Fri, 16 Dec 2005 20:08:38 +0700 (ICT)
Date: Fri, 16 Dec 2005 20:08:38 +0700 (ICT)
Message-Id: <200512161308.jBGD8c0V002949@banyan.cs.ait.ac.th>
From: Olivier Nicole <on@cs.ait.ac.th>
To: danm@prime.gushi.org
In-reply-to: <20051216045350.H35923@prime.gushi.org> (danm@prime.gushi.org)
References: <20051216045350.H35923@prime.gushi.org>
X-Virus-Scanned: on CSIM by amavisd-milter (http://www.amavis.org/)
Cc: questions@freebsd.org
Subject: Re: PAM and OPIE and su
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Dec 2005 13:08:52 -0000

>This would probably require modifications to either telnetd or sshd, as 
>most of the playing I've done with PS to make a proof-of-concept shows 
>both daemons as listing their terminals as ??, as opposed to showing the 
>terminalid's being used.

If I am not wrong, ssh do not use the same library as telnet to
authentify on the password.

I used to have OPIE installed with telnet and ssh, one time passwords
were valid only for telnet, ssh never heard of it.

In fact, I think that OPIE hooks in telnetd before the test for the
password.

Olivier