Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 27 Oct 2002 02:48:00 -0800 (PST)
From:      Hideki Sakamoto <sakamoto@hlla.is.tsukuba.ac.jp>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/44518: ftpd does not show OPIE OTP challenge 
Message-ID:  <200210271048.g9RAm0h0057615@www.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         44518
>Category:       bin
>Synopsis:       ftpd does not show OPIE OTP challenge
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct 27 02:50:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Hideki Sakamoto
>Release:        FreeBSD 4.7-RELEASE-p1
>Organization:
>Environment:
FreeBSD xxxxx 4.7-RELEASE-p1 FreeBSD 4.7-RELEASE-p1 #1:
Fri Oct 25 16:54:58 JST 2002     sakamoto@xxxxx:/usr/obj
/usr/src/sys/XXXXX  i386
>Description:
Ftpd can authenticate a user with OPIE PAM module(pam_opie) when it's enabled in /etc/pam.conf. But client program cannot calculate OTP because ftpd doesn't show challenge to client in the session. 
>How-To-Repeat:
1. Set a user's password for the OPIE authentication system.
   % opiepasswd -c 
2. Try FTP with telnet.
 * % telnet localhost ftp
   Trying ::1...
   telnet: connect to address ::1: Connection refused
   Trying 127.0.0.1...
   Connected to localhost.
   Escape character is '^]'.
   220 xxxxxx.hlla.is.tsukuba.ac.jp FTP server (Version 6.00LS) ready.
 * user sakamoto
   331 Password required for sakamoto.
   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Ftpd should have shown OTP challenge at this time. Nevertheless, authentication will success if a user know correct OTP and put it with "pass" command.

S/Key authentication(pam_skey) have same probrem but its ok because ftpd
have native S/Key authentication mechanism and it shows challenge at the end of "user" command handler. 
>Fix:
      I have no good idea. Dirty solution is; Show OPIE challenge at the end of "user" command handler like S/Key.
>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210271048.g9RAm0h0057615>