Date: Tue, 21 Jan 2003 14:20:07 -0500 (EST) From: Dru <dlavigne6@cogeco.ca> To: security@freebsd.org Subject: bug in opiepasswd? Message-ID: <20030121140942.Y201@dhcp-17-14.kico2.on.cogeco.ca>
next in thread | raw e-mail | index | archive | help
Has anyone else come across this weird behaviour before, or am I missing something fundamental here? If I use "opiepasswd" after a user is already in "/etc/opiekeys", the resulting seed is less than 5 characters long, rendering it unusable. It doesn't matter if I use "opiepasswd", "opiepasswd -c" or "opiepasswd -n 499". For example: opiepasswd -n 499 Old secret pass phrase: otp-md5 8 dh2324 ext Response: blah blah blah blah blah blah New secret pass phrase: otp-md5 499 dh23 ^^^^ opiekey 499 dh23 Using the MD5 algorithm to compute response. Seeds must be greater than 5 characters long. However, if I manually remove the user from "/etc/opiekeys", "opiepasswd -c" works fine and computes a useable seed. Dru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030121140942.Y201>