"Andrey A. Chernov" <[EMAIL PROTECTED]> writes: > Normally OPIE not accepts plain Unix password remotely, and it is right, > because of cleartext. But it is wrong for sshd, because no cleartext > sended for PasswordAuth. It seems that opieaccess in pam.d/sshd should not > fails by default or maybe even not present there.
What if the client is untrusted? Do you find it reasonable to allow users to type their password on an untrusted client? Many of our users use OPIE for precisely this scenario - reading their mail on an untrusted machine in the USENIX terminal room. DES -- Dag-Erling Smorgrav - [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message