OPIE considered insecure
Lyndon Nerenberg
lyndon at orthanc.ca
Mon Feb 9 13:02:17 PST 2009
> While I agree that OPIE can be improved, I think that the current
> OPIE implementation is still much better than having to use
> passwords from untrusted machines. I also prefer current OPIE to
> copying SSH private keys to untrusted machines. So until there
> is a more secure alternative, I really don't think removing OPIE
> would have a positive effect on security.
The machine you are logging IN TO does not require your private key, just
your public key.
--lyndon
Linux -- Where Quantity is Job One!
More information about the freebsd-security
mailing list