Date: Fri, 11 Mar 2011 10:46:08 +0100 From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= <des@des.no> To: Miguel Lopes Santos Ramos <mbox@miguel.ramos.name> Cc: freebsd-security@freebsd.org Subject: Re: It's not possible to allow non-OPIE logins only from trusted networks Message-ID: <86aah2yopr.fsf@ds4.des.no> In-Reply-To: <1299682310.17149.24.camel@w500.local> (Miguel Lopes Santos Ramos's message of "Wed, 09 Mar 2011 14:51:50 %2B0000") References: <1299682310.17149.24.camel@w500.local>
index | next in thread | previous in thread | raw e-mail
Miguel Lopes Santos Ramos <mbox@miguel.ramos.name> writes: > 1. The user does not have OPIE enabled and the remote host is listed as > a trusted host in /etc/opieaccess. > 2. The user has OPIE enabled and the remote host is listed as a trusted > host in /etc/opieaccess, and the user does not have a file > named .opiealways in his home directory. > > Or at least this should be an option for pam_opieaccess. Seems like a good idea, at first blush (provided it's optional). Do you have a patch? DES -- Dag-Erling Smørgrav - des@des.nohelp
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86aah2yopr.fsf>