From owner-freebsd-security Fri Oct 9 20:32:28 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA27098 for freebsd-security-outgoing; Fri, 9 Oct 1998 20:32:28 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA27058 for ; Fri, 9 Oct 1998 20:32:14 -0700 (PDT) (envelope-from jeff-ml@mountin.net) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id WAA07134; Fri, 9 Oct 1998 22:32:09 -0500 (CDT) Received: from aridius-44.isdn.mke.execpc.com(169.207.66.171) by peak.mountin.net via smap (V1.3) id sma007132; Fri Oct 9 22:32:08 1998 Message-Id: <3.0.3.32.19981009222114.007449dc@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32) Date: Fri, 09 Oct 1998 22:21:14 -0500 To: Brandon Huey From: "Jeffrey J. Mountin" Subject: RE: fwtk and skey authorization (+ssh) Cc: freebsd-security@FreeBSD.ORG In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 01:35 PM 10/9/98 -0700, Brandon Huey wrote: > >on a related note, i recently discovered an s/key patched ssh and it's >working great. > >you can find it at: http://www.lackluster.net/~scott/ssh_skey.html Rather neat, but is it doing the OTP over an encrypted tunnel ie first you enter your private key password, then it prompts for a SKey password on the server. Or is this just so that you can use either RSA or SKey OTP authentication? Now if there was something to make it optional for POP, rather than mandatory. If you compile popper on a clean install, once you add a /etc/skey.access file and do not wish to use SKey, the access file need a permit. Would be better to use a 2nd access file, especially if you use an alternate passwd file. Just commenting, since it not extremely important in my case, which is why I haven't looked into it much. 8-) Jeff Mountin - Unix Systems TCP/IP networking jeff@mountin.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message