Date: Tue, 9 Jul 2002 20:41:10 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Dag-Erling Smorgrav <des@ofug.org> Cc: current@freebsd.org Subject: OPIE auth broken too (was Re: PasswordAuthentication not works in sshd) Message-ID: <20020709164108.GA19075@nagual.pp.ru> In-Reply-To: <xzpd6txj93r.fsf@flood.ping.uio.no> References: <20020702114530.GB837@nagual.pp.ru> <xzpn0tacp9c.fsf@flood.ping.uio.no> <20020709124943.GA15259@nagual.pp.ru> <xzphej9jb3i.fsf@flood.ping.uio.no> <20020709133611.GA17322@nagual.pp.ru> <xzpd6txj93r.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 09, 2002 at 15:59:04 +0200, Dag-Erling Smorgrav wrote: > What if the client is untrusted? Do you find it reasonable to allow > users to type their password on an untrusted client? Many of our > users use OPIE for precisely this scenario - reading their mail on an > untrusted machine in the USENIX terminal room. BTW, OPIE auth broken too that way. In any ssh client I use I see _no_ OPIE prompt like: otp-md5 9960 pa4106 ext Password: only standard password prompt: ache@xxx.xx password: It mean I can't enter correct OPIE password even when I wish to use it intentionally! -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020709164108.GA19075>