Mailing List Archive

From:: Lloyd <ng2d68@proton.me>
Subject:: Re: patch: stop login_yubikey(8) leaking OTP data to syslog
To:: Theo de Raadt <deraadt@openbsd.org>
Cc:: Theo Buehler <tb@theobuehler.org>, "tech@openbsd.org" <tech@openbsd.org>
Date:: Thu, 14 Aug 2025 22:10:32 +0000

Download raw body.

Thread

2025-08-14 21:22 Theo de Raadt:
patch: stop login_yubikey(8) leaking OTP data to syslog
2025-08-14 21:27 Theo de Raadt:
patch: stop login_yubikey(8) leaking OTP data to syslog
- 2025-08-14 22:10 Lloyd:
  patch: stop login_yubikey(8) leaking OTP data to syslog
- - 2025-08-14 22:12 Theo de Raadt:
    patch: stop login_yubikey(8) leaking OTP data to syslog
2025-08-19 09:24 Emiel Kollof:
patch: stop login_yubikey(8) leaking OTP data to syslog

Theo de Raadt wrote:

> You know the problem. You know who can fix it. This is their problem,
> not ours. Or, write a configuration driver.
> 
> But I am not going to invest a second into this, and over a number of years
> noone else has -- and we done with cccccblddbkhgvtvjihbdcjdbtkgddnuigbievtbtcgr
> and a tradeoff has been selected.

Is it safe to assume login_yubikey(8) will remain in base? It still merits
some usefulness, for shell users which never physically touch the console.

2025-08-14 21:22 Theo de Raadt:
patch: stop login_yubikey(8) leaking OTP data to syslog
2025-08-14 21:27 Theo de Raadt:
patch: stop login_yubikey(8) leaking OTP data to syslog
- 2025-08-14 22:10 Lloyd:
  patch: stop login_yubikey(8) leaking OTP data to syslog
- - 2025-08-14 22:12 Theo de Raadt:
    patch: stop login_yubikey(8) leaking OTP data to syslog
2025-08-19 09:24 Emiel Kollof:
patch: stop login_yubikey(8) leaking OTP data to syslog