Hello, on a debian lenny system with installed and configured libpam-opie you can have more then one session at a time to attempt to authenticate a user. Meaning /etc/opielocks/ is not used. So race attacks on OTP are possible.
Is that a bug in the old package or a misconfiguration on my part? thanks, PJ -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org