Skip site navigation (1)Skip section navigation (2)
Date:      09 Jul 2002 15:59:04 +0200
From:      Dag-Erling Smorgrav <des@ofug.org>
To:        "Andrey A. Chernov" <ache@nagual.pp.ru>
Cc:        current@freebsd.org
Subject:   Re: PasswordAuthentication not works in sshd
Message-ID:  <xzpd6txj93r.fsf@flood.ping.uio.no>
In-Reply-To: <20020709133611.GA17322@nagual.pp.ru>
References:  <20020702114530.GB837@nagual.pp.ru> <xzpn0tacp9c.fsf@flood.ping.uio.no> <20020709124943.GA15259@nagual.pp.ru> <xzphej9jb3i.fsf@flood.ping.uio.no> <20020709133611.GA17322@nagual.pp.ru>

next in thread | previous in thread | raw e-mail | index | archive | help
"Andrey A. Chernov" <ache@nagual.pp.ru> writes:
> Normally OPIE not accepts plain Unix password remotely, and it is right,
> because of cleartext. But it is wrong for sshd, because no cleartext
> sended for PasswordAuth. It seems that opieaccess in pam.d/sshd should not
> fails by default or maybe even not present there.

What if the client is untrusted?  Do you find it reasonable to allow
users to type their password on an untrusted client?  Many of our
users use OPIE for precisely this scenario - reading their mail on an
untrusted machine in the USENIX terminal room.

DES
-- 
Dag-Erling Smorgrav - des@ofug.org

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpd6txj93r.fsf>