"Andrey A. Chernov" <[EMAIL PROTECTED]> writes:
> Normally OPIE not accepts plain Unix password remotely, and it is right,
> because of cleartext. But it is wrong for sshd, because no cleartext
> sended for PasswordAuth. It seems that opieaccess in pam.d/sshd should not
> fails by default or maybe even not present there.

What if the client is untrusted?  Do you find it reasonable to allow
users to type their password on an untrusted client?  Many of our
users use OPIE for precisely this scenario - reading their mail on an
untrusted machine in the USENIX terminal room.

Dag-Erling Smorgrav - [EMAIL PROTECTED]

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message

Reply via email to