|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Dru (dlavigne6_at_cogeco.ca)
Date: Tue Jan 21 2003 - 13:20:07 CST
Has anyone else come across this weird behaviour before, or am I missing
something fundamental here?
If I use "opiepasswd" after a user is already in "/etc/opiekeys", the
resulting seed is less than 5 characters long, rendering it unusable. It
doesn't matter if I use "opiepasswd", "opiepasswd -c" or "opiepasswd -n 499".
For example:
opiepasswd -n 499
Old secret pass phrase:
otp-md5 8 dh2324 ext
Response: blah blah blah blah blah blah
New secret pass phrase:
otp-md5 499 dh23
^^^^
opiekey 499 dh23
Using the MD5 algorithm to compute response.
Seeds must be greater than 5 characters long.
However, if I manually remove the user from "/etc/opiekeys", "opiepasswd
-c" works fine and computes a useable seed.
Dru
To Unsubscribe: send mail to majordomo
FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]