
Use opie on Debian central servers to prevent password sniffing?



At
http://lists.debian.org/debian-announce/debian-announce-2003/msg00003.html
it says the Debian machines were compromised by password sniffing from
other compromised machines.  If you use one time passwords instead,
then password sniffing doesn't yield useful information.

As you probably know, the packages for that are opie-server and
libpam-opie on the server, and opie-client on the client.  You'd also
have to edit /etc/pam.d/{login,ssh} to mention libpam-opie, at least.
Finding and installing a skey calculator on a personal organizer is
probably better than using opie-client on a machine that's connected
to the internet and therefore conceivably compromised.

I just started using opie on fungible.com, and it seems to work well
so far.

Is there some issue with opie that would cause problems when using it
on the Debian servers?

-- 
Tim Freeman                                                  tim@fungible.com
I xeroxed a mirror. Now I have an extra xerox machine.       -- Steven Wright
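
The message's claim that a sniffed one-time password is useless can be shown with the hash chain that S/Key and OPIE are built on. This is an added example, not part of the original post and not opie's own code: it follows the MD5 mode described in RFC 2289 but omits the six-word encoding, and the passphrase, seed, starting count and the Server class are constructed for illustration.

```python
import hashlib
import hmac

def fold_md5(data: bytes) -> bytes:
    """MD5, then XOR the two 8-byte halves down to 64 bits (RFC 2289 style)."""
    d = hashlib.md5(data).digest()
    return bytes(a ^ b for a, b in zip(d[:8], d[8:]))

def otp(passphrase: str, seed: str, count: int) -> bytes:
    """Client side: hash seed+passphrase once, then fold `count` more times."""
    value = fold_md5((seed.lower() + passphrase).encode())
    for _ in range(count):
        value = fold_md5(value)
    return value

class Server:
    """Hypothetical verifier: stores the last accepted OTP, never the passphrase."""
    def __init__(self, seed: str, count: int, last_otp: bytes):
        self.seed, self.count, self.last = seed, count, last_otp

    def challenge(self):
        # The client must answer with the OTP one step earlier in the chain.
        return self.count - 1, self.seed

    def verify(self, response: bytes) -> bool:
        if self.count <= 0:
            return False  # chain exhausted, user must re-initialise
        # Hashing the response once must reproduce the stored value.
        if not hmac.compare_digest(fold_md5(response), self.last):
            return False
        self.last, self.count = response, self.count - 1
        return True

def demo():
    passphrase, seed = "constructed example passphrase", "fu12345"  # constructed
    server = Server(seed, 100, otp(passphrase, seed, 100))
    n, s = server.challenge()
    sniffed = otp(passphrase, s, n)      # what a network sniffer would capture
    first = server.verify(sniffed)       # legitimate login succeeds
    replay = server.verify(sniffed)      # the same value replayed is rejected
    n2, s2 = server.challenge()
    second = server.verify(otp(passphrase, s2, n2))
    return first, replay, second, n, n2

if __name__ == "__main__":
    print(demo())
```

The next valid response is a preimage of the sniffed value under the hash, which the sniffer cannot compute without the passphrase; a client machine that captures the passphrase itself is outside what this protects.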



