Hello, on a debian lenny system with installed and configured libpam-opie you can have more then one session at a time to attempt to authenticate a user. Meaning /etc/opielocks/ is not used. So race attacks on OTP are possible.
Is that a bug in the old package or a misconfiguration on my part? thanks, PJ -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
