Segmentation fault on OPIE when sequence number <0

Dany dany_list at
Mon Jan 19 19:13:47 PST 2004

Playing around with OPIE I used the following command on a 5.2R 
(hopefully I still have my root working) :

1) from the user account :
#opiepasswd -c -n 2 

I put 2 for the initial sequence number just to see what would happen to 
the user when he reaches 0

Entered my passphrase, got the seed and got the first response.

2) I didn't touch the /etc/pam.d/login but noticed that it didn't 
contain any reference to opie (/etc/pam.d/ssh does have some).

3) After exiting the current session, I got :
login : alpha
otp-md5 2 he201

I think I tried my regular Unix password first and it worked. I logged 
out and this time I used the response computed by my external s/key 
calculator. It worked well and I was logged in... nice !

4) So I repeated that process until I reached 0.

5) Now this is what I get :
login: alpha
otp-md5 -1 (null) ext

I now my s/key password has expired so I put in my Unix password and 
received a nice :

FreeBSD/i386 (local) (ttyv0)
login: Jan 19 22:08:25 local kernel: pid 613 (login), uid 0:exited on 
signal 11 (core dumped)

6) I though it was some kind of security mecanism so I logged back on my 
root account.

7) Trying to disable OPIE login for alpha using the following command :
#opiepasswd -d alpha
Updating alpha:
Segmentation fault (core dumped)
local# Jan 19 22:10:06 local kernel: pid 627 (opiepasswd), uid 0: exited 
on signal 11 (core dumped)

I also tried opipasswd -c alpha to recreate OPIE keys for alpha but I 
received the same segmentation fault.

a) how did OPIE worked in the first place with no mention to it in 
/etc/pam.d/login ?
b) why do I get a segmentation fault ?


More information about the freebsd-questions mailing list