[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Integrating ftpd and pam_opie; not getting challenge?



On Wed, 10 Jun 1998, Jim Hebert wrote:
> to do opie, if you ask me. Now, perhaps, for command line opie ftp use,
> you could hack the server to output one of those lines that they use for
> big long messages (230, right?) and stuff the opie key in there... and do

	Yes, I do use one ftp server which inserts a "331 Skey Challenge
..." between the "login" and "password" prompts.  There's no doubt in my
mind that someone spent a reasonable amount of time hacking that into the
daemon, which I'd prefer to avoid by using PAM.
	
> There was some work done on pam and ssh, perhaps an opie'd scp would work
> for you?

	The machine I need one-time-passwords to is outside the Xerox
firewall, and I am inside; there is no known SSH proxy for Xerox that I've
found.  I'm still looking, of course; not having it and not having found
it are two different things.  

	Another workaround is to telnet to the external box, then open an
anonymous ftp to a hidden directory on the Xerox firewall and 'get' the
files... but security rules limit write access to that firewall ftp server
to myself, and the whole point of this exercise was to let web weenies put
files on the server without needing me around.  Sigh.

	Thanks for the info.  I'll probably do some light perusing of 230
messages and see if it could simply yank some info out of /etc/opiekeys on
a per-user basis.

-- 
	gowen -- Greg Owen -- gowen@xis.xerox.com



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []