> > Architecture: OpenBSD.amd64
> > Machine : amd64
> > >Description:
> > After about 20 logins or so my SKEY login stopped working. Having
> > tried multiple dozen times to login it wouldn't work. So I made a testuser
> > and luckily on the second login it didn't work either but I see no
> > correllation between the two. A second testuser didn't seem to have a
> > problem getting through 5 logins or more.
>
> Hi,
>
> I've been unable to reproduce this behavior. Are you 100% sure the
> passphrase is being entered correctly? Even if you put in a bogus
> passphrase, skey will happily provide you with one-time passwords,
> though they will be invalid.
>
> Can you re-validate your findings?
>
> Cheers.
I just took the information from the testuser skey that was in the original
bug report and created this:
# pwd
/etc/skey
# ls -ld
drwx-wx--T 2 root auth 512 Feb 13 16:06 .
# ls -l
total 4
-rw------- 1 testuser auth 43 Feb 13 16:06 testuser
Then generated the passphrase with password "FOReveryoung1" no quotes and
the skey phrases generated look the same as I provided in the bug report.
then I ssh'ed to localhost with ssh testuser:skey@localhost and could not
log in by copy/pasting the skey phrases into the password. I still could
not log in even though the system has changed from 4.7 to 4.9-beta as
of a week ago or so.
OpenBSD 4.9-beta (GENERIC) #439: Thu Jan 20 17:15:16 MST 2011
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC
Now back to you. Are you actually saying that you took my testuser data and
installed a testuser generated my passphrases and were able to log in
successfully? Are you using amd64 as well?
I really do think I did everything right with no mistakes and I was locked out
of my box from remote as well before which caused me to create this testuser
in the first place.
I don't have perfect hindsight so there is a chance I did something wrong but
it would really suck if this happened to someone with a critical system and
they could not get in. For me my systems aren't so critical comparatively.
-peter
