12 December 2007 1 Comment
Setting up OPIE (One-time Passwords In Everything) in OpenSUSE was easy: there is a opie RPM in the standard repository, and it installs cleanly and easily. Then it is just a matter of initializing the database and modifying the PAM configuration to match. Then each user is added to the database (/etc/opiekeys) one at a time. I’ll describe the exact process on OpenSUSE at a later time.
Insufferingly, it appears that Fedora (and Red Hat) do not offer any form of one-time passwords anywhere – and certainly not OPIE. RPMs for opie are exclusively for OpenSUSE and for the Polish PLD distribution (both of which seem to have everything). How extremely frustrating! This sounds like a good time to switch my home system from Fedora 5 to OpenSUSE 10.3.
OpenSUSE has supported LVM, XFS, KDE, and many other technologies when Red Hat staunchly refused to. Even now, OpenSUSE support for all of these is much more integrated and time-tested than Red Hat’s.
Lest I sound like I hate Red Hat – I don’t – and that’s what makes it so frustrating. Grrr….
The search for one-time passwords for HP-UX and for OpenVMS was even more fruitless. HP-UX apparently has a third party skey package available; OpenVMS has nothing – though it could be added through programming the ACME interface (which provides similar capabilities to PAM – though perhaps not as flexible).
It looks like the BSDs aren’t a lot better: FreeBSD has OPIE built into the core (with a full section on OPIE in the FreeBSD Handbook on it); NetBSD and OpenBSD do not appear to have it (!).