« Return to Thread: [libpam-opie] pam_opie.so does not lock user

[libpam-opie] pam_opie.so does not lock user

by Peter Jordan-2 :: Rate this Message:

Hello,

on a debian lenny system with installed and configured libpam-opie you
can have more then one session at a time to attempt to authenticate a
user. Meaning /etc/opielocks/ is not used. So race attacks on OTP are
possible.

Is that a bug in the old package or a misconfiguration on my part?

thanks,

PJ

--
To UNSUBSCRIBE, email to debian-user-REQUEST@...
with a subject of "unsubscribe". Trouble? Contact listmaster@...

« Return to Thread: [libpam-opie] pam_opie.so does not lock user