Untrusted terminals: OPIE vs security/pam_google_authenticator
Victor Sudakov
vas at mpeks.tomsk.su
Tue Jun 18 07:59:57 UTC 2019
Dear Colleagues,
I've used OPIE for many years (and S/Key before that) to login to my
system from untrusted terminals (cafes, libraries etc).
Now I've read an opinion that OPIE is outdated (and indeed its upstream
distribution is gone) and that pam_google_authenticator would be more
secure: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=237270
Is that truly so? With 20 words in OPIE and only 6 digits in
pam_google_authenticator, how strong is pam_google_authenticator against
brute force and other attacks?
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
2:5005/49 at fidonet http://vas.tomsk.ru/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20190618/ad9e8845/attachment.sig>
More information about the freebsd-security
mailing list