Re: Opieaccess file, is this normal?
From: Erick Mechler (emechler_at_techometer.net)
Date: 06/22/04
- Previous message: Didier Wiroth: "Opieaccess file, is this normal?"
- In reply to: Didier Wiroth: "Opieaccess file, is this normal?"
- Next in thread: Didier Wiroth: "RE: Opieaccess file, is this normal?"
- Reply: Didier Wiroth: "RE: Opieaccess file, is this normal?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 22 Jun 2004 09:34:07 -0700 To: Didier Wiroth <didier.wiroth@mcesr.etat.lu>
:: >From what I've read so far, if the user is present in opiekeys, the
:: opieaccess file determines if the user (coming from a specific host or
:: network) is allowed to use his unix password from this specific network.
::
:: As my opieaccess file is empty and the default rule (as mentionned in the
:: man file) is deny, I should not be able to get an ssh shell with my standard
:: unix password.
OpenSSH on FreeBSD is PAM-enabled if ChallengeResponseAuthentication is set
to yes:
ChallengeResponseAuthentication
Specifies whether challenge-response authentication is allowed.
Specifically, in FreeBSD, this controls the use of PAM (see
pam(3)) for authentication. Note that this affects the effec-
tiveness of the PasswordAuthentication and PermitRootLogin vari-
ables. The default is ``yes''.
Does your /etc/pam.conf disble password authentication?
Cheers - Erick
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Didier Wiroth: "Opieaccess file, is this normal?"
- In reply to: Didier Wiroth: "Opieaccess file, is this normal?"
- Next in thread: Didier Wiroth: "RE: Opieaccess file, is this normal?"
- Reply: Didier Wiroth: "RE: Opieaccess file, is this normal?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
