From owner-freebsd-questions  Thu Jun 15 08:09:00 1995
Return-Path: questions-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id IAA23376
          for questions-outgoing; Thu, 15 Jun 1995 08:09:00 -0700
Received: from UCSD.EDU (mailbox1.ucsd.edu [132.239.1.53])
          by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id IAA23363
          for <freebsd-questions@freebsd.org>; Thu, 15 Jun 1995 08:08:58 -0700
Received: from sdcc5.UCSD.EDU (sdcc5.ucsd.edu [132.239.56.61]) by UCSD.EDU (8.6.12/8.6.9) with SMTP id IAA09622 for <freebsd-questions@freebsd.org>; Thu, 15 Jun 1995 08:28:20 -0700
Received: by sdcc5.UCSD.EDU (4.1/UCSDGENERIC.4)
	id AA03167 to freebsd-questions@freebsd.org; Thu, 15 Jun 95 08:08:55 PDT
Date: Thu, 15 Jun 1995 08:08:55 -0700 (PDT)
From: Henry Chan <htchan@sdcc5.ucsd.edu>
To: freebsd-questions@freebsd.org
Subject: libskey-1.1.5.1.tgz
Message-Id: <Pine.SUN.3.91.950615080305.2727A-100000@sdcc5.ucsd.edu>
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: questions-owner@freebsd.org
Precedence: bulk

After reading the CERT warning about the S/Key vulnerabilities, I went 
ahead and downloaded the libskey-1.1.5.1.tgz yesterday night for my 
1.1.5.1 machine.  The installation went through without any errors; 
however, none of my users can log in now...all passwords are invalid.  
I'm lucky to be able to get in because I have a .rhosts file set up for 
myself...

I've since replaced the /usr/bin/login file with a copy of the old one 
and everything is fine, the libskey.a and libskey.so.1.1 are still there.

Thanks,
Henry
htchan@ucsd.edu