From owner-freebsd-security Mon May 1 16:26: 7 2000 Delivered-To: freebsd-security@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id 0C90937B588; Mon, 1 May 2000 16:26:05 -0700 (PDT) (envelope-from kris@FreeBSD.org) Received: from localhost (kris@localhost) by freefall.freebsd.org (8.9.3/8.9.2) with ESMTP id QAA26138; Mon, 1 May 2000 16:26:05 -0700 (PDT) (envelope-from kris@FreeBSD.org) X-Authentication-Warning: freefall.freebsd.org: kris owned process doing -bs Date: Mon, 1 May 2000 16:26:05 -0700 (PDT) From: Kris Kennaway To: Brian Reichert Cc: freebsd-security@freebsd.org Subject: Re: OpenSSH-1.2.2 + S/Key In-Reply-To: <20000501185340.A7346@numachi.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 1 May 2000, Brian Reichert wrote: > I _must_ be missing something. Yeah, it's not activated yet. I have patches almost ready to do this - they work fine for OPIE logins (OPIE is the successor to S/Key, but OpenBSD still call it S/Key), but aren't quite complete for presenting realistic "fake" challenges for nonexistent users so that attackers can't figure out whether an account is OPIE-enabled. I can send them to you for testing if you'd like. Kris ---- In God we Trust -- all others must submit an X.509 certificate. -- Charles Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message