Date: Fri, 3 Aug 2001 20:28:23 +0400 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Mark Murray <mark@grondar.za> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/lib/libopie Makefile Message-ID: <20010803202823.A15671@nagual.pp.ru> In-Reply-To: <200108031444.f73EiFr06031@grimreaper.grondar.za> References: <20010803002200.C3285@nagual.pp.ru> <200108031444.f73EiFr06031@grimreaper.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 03, 2001 at 15:44:14 +0100, Mark Murray wrote: > > Maintaining /etc/opieaccess NOT belongs to INSECURE in OPIE meaning. > > Do a "man opieaccess" and you will see that it _is_ insecure, and is > meant as a temporary feature for migration purposes only, and is NOT > meant for permanent installation. Practical reason behind of it was: various sorts of tunneling (FTP via SSH f.e.) can't be enabled, if local host addresses (excepting localhost) was not added to /etc/opieaccess > Read the man page. Of course, I already read it, but disagree. My point is that OPIE must either: a) Detect SSH connection present (which _is_ secure). b) Relax its insecure restrictions. Otherwise it is not possible to use OPIE in SSH connections which are more common nowdays than ever telnet connections. Old SKEY library use way b) -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010803202823.A15671>