Re: OPIE considered insecure

While I agree that OPIE can be improved, I think that the current
OPIE implementation is still much better than having to use
passwords from untrusted machines. I also prefer current OPIE to
copying SSH private keys to untrusted machines. So until there
is a more secure alternative, I really don't think removing OPIE
would have a positive effect on security.

The machine you are logging IN TO does not require your private key, just
your public key.


Linux -- Where Quantity is Job One!
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"