From owner-freebsd-security@FreeBSD.ORG  Mon Mar  2 18:05:07 2009
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id AB82A10656CB
	for <freebsd-security@freebsd.org>;
	Mon,  2 Mar 2009 18:05:07 +0000 (UTC)
	(envelope-from freebsd-security@m.gmane.org)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 637B58FC3A
	for <freebsd-security@freebsd.org>;
	Mon,  2 Mar 2009 18:05:07 +0000 (UTC)
	(envelope-from freebsd-security@m.gmane.org)
Received: from root by ciao.gmane.org with local (Exim 4.43)
	id 1LeC2g-0001TK-CV
	for freebsd-security@freebsd.org; Mon, 02 Mar 2009 17:35:02 +0000
Received: from elehack.net ([216.243.177.100])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <freebsd-security@freebsd.org>; Mon, 02 Mar 2009 17:35:02 +0000
Received: from michael by elehack.net with local (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <freebsd-security@freebsd.org>; Mon, 02 Mar 2009 17:35:02 +0000
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-security@freebsd.org
From: Michael Ekstrand <michael@elehack.net>
Date: Sun, 01 Mar 2009 21:08:50 -0600
Lines: 15
Message-ID: <87sklwiptp.fsf@jehiel.elehack.net>
References: <20090302021415.GU5602@noncombatant.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: elehack.net
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/23.0.90 (gnu/linux)
Cancel-Lock: sha1:pjAETzeehROrB+E3cKstPapkhKA=
Sender: news <news@ger.gmane.org>
Subject: Re: OPIE considered insecure
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Mar 2009 18:05:08 -0000

Chris Palmer <chris@noncombatant.org> writes:
> Rich Healey writes:
>> I'm thinking about implementing OPIE, but after reading this I'm not so
>> sure. What's consensus on the best approach to one time logins?
>
> Why are people logging into their remote servers from assumed-untrustworthy
> clients at all?

Simple use case: checking e-mail from the library/Internet
cafe/relative's house.  With Mutt or Gnus.

- Michael

-- 
mouse, n: A device for pointing at the xterm in which you want to type.