Rechercher une page de manuel

Chercher une autre page de manuel:

opieaccess

Langue: en

Version: January 10, 1995 (openSuse - 09/10/07)

Section: 5 (Format de fichier)

NAME

[/etc/]opieaccess - OPIE database of trusted networks

DESCRIPTION

The opieaccess file contains a list of networks that are considered trusted by the system as far as security against passive attacks is concerned. Users from networks so trusted will be able to log in using OPIE responses, but not be required to do so, while users from networks that are not trusted will always be required to use OPIE responses (the default behavior). This trust allows a site to have a more gentle migration to OPIE by allowing it to be non-mandatory for "inside" networks while allowing users to choose whether they with to use OPIE to protect their passwords or not.

The entire notion of trust implemented in the opieaccess file is a major security hole because it opens your system back up to the same passive attacks that the OPIE system is designed to protect you against. The opieaccess support in this version of OPIE exists solely because we believe that it is better to have it so that users who don't want their accounts broken into can use OPIE than to have them prevented from doing so by users who don't want to use OPIE. In any environment, it should be considered a transition tool and not a permanent fixture. When it is not being used as a transition tool, a version of OPIE that has been built without support for the opieaccess file should be built to prevent the possibility of an attacker using this file as a means to circumvent the OPIE software.

The opieaccess file consists of lines containing three fields separated by spaces (tabs are properly interpreted, but spaces should be used instead) as follows:




Field         Description

action        "permit" or "deny" non-OPIE logins

address       Address of the network to match

mask          Mask of the network to match

Subnets can be controlled by using the appropriate address and mask. Individual hosts can be controlled by using the appropriate address and a mask of 255.255.255.255. If no rules are matched, the default is to deny non-OPIE logins.

SEE ALSO

opie(4), opiekeys(5), opiepasswd(1), opieinfo(1), opiesu(1), opielogin(1), opieftpd(8)

AUTHOR

Bellcore's S/Key was written by Phil Karn, Neil M. Haller, and John S. Walden of Bellcore. OPIE was created at NRL by Randall Atkinson, Dan McDonald, and Craig Metz.

S/Key is a trademark of Bell Communications Research (Bellcore).

CONTACT

OPIE is discussed on the Bellcore "S/Key Users" mailing list. To join, send an email request to:

skey-users-request@thumper.bellcore.com

Chers frères, permettez-le, je tente de frêles revenentes self-référentes : bête pet de ver de terre en présence de ces gens relevés !

Dès l'entrée, bêtement tentée, je pense : "ce cercle, est-ce secte sévère, pente de terre gelée ? L'est-ce réellement ?" Cet effet est éphémère: le temps en est le remède. Eve, cervelle déréglée, enterre cette pensée née en enfer, ce péché, et décrète : "Je reste !"

Cent éphèbes, mecs, gentes belles, mégères (telle Clère elle-même !) et même pères respectés de l'événement, se démènent bellement ensemble. Le verbe, resserré en fers et en rets, est le serf de cette crème de gens ! L'essence secrète se révèle et me berce: elle recèle pêle-mêle le thème ferme, le bel élément, le vers léger et tendre, l'effet céleste, les rêves des elfes et des fées, l'encens, le cep vert espéré (bel emblème), les Grecs et les belles Hellènes en fête ! Certes, je m'en délecte (entremets, dessert ?).

Entre-temps, élève lente, je m'exerce, j'espère, je tente des effets. Embêtée, je végète (ère éternelle !), j'erre, je penche vers les extrêmes, je tremble et je m'énerve. "Eh ! Femelle de zèbre !" Je m'entête, redresse les vertèbres et serre les dents... J'égrène, mêle et renverse les lettres, je rejette des textes secs et ternes, je bêle trente vers, j'émets et je présente mes tests !

De respect, je verse - en rêve ! - sept cents sesterces, etc. ! Révérence !

Clère
(elle dresse ses tentes en cette blême Séléné)

-- Grivet, Claire