search for: opiekey

Hi. I have a question related to freebsd opie implementation. I am running 4.9-RELEASE and I've tried to setup opie. *** 1 *** opiepasswd/opiekey I've added user using `opiepasswd -c "ssa"` mx2# opiepasswd -c "ssa" Adding ssa: Only use this method from the console; NEVER from remote. If you are using telnet, xterm, or a dial-in, type ^C now or exit with no password. Then run opiepasswd without the -c...

...in, type ^C now or exit with no password. Then run opiepasswd without the -c parameter. Using MD5 to compute responses. Enter new secret pass phrase: TESTtestTEST Again new secret pass phrase: TESTtestTEST ID jimmy OTP key is 1 ad2003 HUT SWAY DANE TOLL DAM JUDO jimmy@lama (192.168.0.50) 13:47 ~ $ opiekey -n 2 1 ad2003 Using the MD5 algorithm to compute response. Reminder: Don't use opiekey from telnet or dial-in sessions. Enter secret pass phrase: TESTtestTEST 0: FLEW SLAY STAN BUNK RAT BACH 1: HUT SWAY DANE TOLL DAM JUDO jimmy@lama (192.168.0.50) 13:48 ~ $ ssh 192.168.0.50 otp-md5 0 ad2003 ext...

Hi, I'm trying to setup one-time passwords on freebsd5.2.1 >From what I've read so far, if the user is present in opiekeys, the opieaccess file determines if the user (coming from a specific host or network) is allowed to use his unix password from this specific network. As my opieaccess file is empty and the default rule (as mentionned in the man file) is deny, I should not be able to get an ssh shell with my stand...

...word required pam_unix.so no_warn try_first_pass ? just want to point out the I want to keep "unix password authentication" for the users whose host or network are in opieaccess. "Unix password authenication" should be disabled for all users present in opiekeys and whose hosts or network is not present in opieaccess.

Hi, I'm having trouble getting an answer to the following problem on -questions - I hope someone here has done something similar and can help. I'd like to compile support for FreeBSD OPIE into sshd. Presently I have to use PAM to achieve one-time password support. On a 4.x system I have in /etc/ssh/sshd_config ChallengeResponseAuthentication yes and in /etc/pam.conf sshd auth

I want to discuss some problems/enhancements for dovecot in a webmail/otp setup. For access to an IMAP server like dovecot I see different client types: a) a "normal" MUA installed in a more or less trusted environment b) remote access via "webmail" from untrusted environments For a) I see with dovecot and other IMAP servers no problems, tricky is the setup for b). If you use

...:alnum:]-]+ postfix/smtpd\[[0-9]+\]: fingerprint=([0-9A-F]{2}:){15}[0-9A-F]{2}$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd?\[[0-9]+\]: Verified: subject_CN=.*, issuer=.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: OTP unavailable because can't read/write key database /etc/opiekeys: No such file or directory$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtpd\[[0-9]+\]: [A-Z0-9]+: reject: RCPT from [^[:space:]]+: [45][0-9][0-9] .*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ postfix/smtp\[[0-9]+\]: connect to [^[:space:]]+ Connection refused \(port [0-9]+\)$ ^\w{3} [ :0-9]{11} [._[:aln...

Everyone: We're starting to see a rash of password guessing attacks via SSH on all of our exposed BSD servers which are running an SSH daemon. They're coming from multiple addresses, which makes us suspect that they're being carried out by a network of "bots" rather than a single attacker. But wait... there's more. The interesting thing about these attacks is that