From owner-cvs-all Sat Jan 19 7: 0: 4 2002 Delivered-To: cvs-all@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id 54AB037B41A; Sat, 19 Jan 2002 06:59:53 -0800 (PST) Received: (from ache@localhost) by nagual.pp.ru (8.11.6/8.11.6) id g0JExl410273; Sat, 19 Jan 2002 17:59:47 +0300 (MSK) (envelope-from ache) Date: Sat, 19 Jan 2002 17:59:47 +0300 From: "Andrey A. Chernov" To: Mark Murray Cc: Kris Kennaway , cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libpam/modules/pam_opie pam_opie.c Message-ID: <20020119145947.GF9803@nagual.pp.ru> References: <20020119123903.GA8776@nagual.pp.ru> <200201191421.g0JELot21577@grimreaper.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200201191421.g0JELot21577@grimreaper.grondar.org> User-Agent: Mutt/1.3.24i Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Jan 19, 2002 at 14:21:50 +0000, Mark Murray wrote: > > We already live with this "change" several years when S/Key was here and > > nobody complaints. This is not a change, this is return to old way as it > > must be. > > One of the reasons I went for OPIE was to get away from S/Key brokenness. What brokenness do you mean, exactly? There basically just the same idea in OPIE, only OTP response format is changed which is enhancement and not brokennes fix. Many other OPIE "features" either _lowers_ security and should be never turned on (like LOCKING) or gains nothing for security, just make interface inconvinient. Some other (not so useful, but who knows) features like tty-level access is even removed in OPIE. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message