From: Peter Thoenen
Reply-To: eol1@yahoo.com
To: freebsd-security@freebsd.org
Date: Sun, 19 Nov 2006 16:32:11 -0800 (PST)
Subject: OPIE + single user mode
Message-ID: <556824.51538.qm@web51913.mail.yahoo.com>

Hallo all,

Have a problem and while OPIE seems to be the solution, not sure it will work.

The issue here is the only way I can access my remote box in single user mode is via telnetting to a termserv I have set up that connects to the FBSD server's serial port. Problem of course being that to log on to FBSD in single user mode I have to provide the root password in the clear.

What I would like to do is force single user root logon to use OPIE (or even better, just single user root, NOT multiuser root or via su). Prob is I can't find any syntax that supports this and OPIE seems only for access via the network (man opieaccess) ... not actually console or physical server access.

Ideas?

-Peter