OPIEACCESS(5) | FreeBSD File Formats Manual | OPIEACCESS(5) |
NAME
/etc/opieaccess - OPIE database of trusted networksDESCRIPTION
The opieaccess file contains a list of networks that are considered trusted by the system as far as security against passive attacks is concerned. Users from networks so trusted will be able to log in using OPIE responses, but not be required to do so, while users from networks that are not trusted will always be required to use OPIE responses (the default behavior). This trust allows a site to have a more gentle migration to OPIE by allowing it to be non-mandatory for "inside" networks while allowing users to choose whether they with to use OPIE to protect their passwords or not.
Field Description
action "permit" or "deny" non-OPIE logins
address Address of the network to match
mask Mask of the network to match
Subnets can be controlled by using the appropriate address and mask. Individual hosts can be controlled by using the appropriate address and a mask of 255.255.255.255. If no rules are matched, the default is to deny non-OPIE logins.
SEE ALSO
ftpd(8) login(1), opie(4), opiekeys(5), opiepasswd(1), opieinfo(1), su(1),AUTHOR
Bellcore's S/Key was written by Phil Karn, Neil M. Haller, and John S. Walden of Bellcore. OPIE was created at NRL by Randall Atkinson, Dan McDonald, and Craig Metz.CONTACT
OPIE is discussed on the Bellcore "S/Key Users" mailing list. To join, send an email request to:January 10, 1995 | 7th Edition |