Mailing List Archive

From:: "Theo de Raadt" <deraadt@openbsd.org>
Subject:: Re: patch: stop login_yubikey(8) leaking OTP data to syslog
To:: Lloyd <ng2d68@proton.me>
Cc:: Theo Buehler <tb@theobuehler.org>, "tech@openbsd.org" <tech@openbsd.org>
Date:: Thu, 14 Aug 2025 16:12:20 -0600

Download raw body.

Thread

2025-08-14 21:27 Theo de Raadt:
patch: stop login_yubikey(8) leaking OTP data to syslog
- 2025-08-14 22:10 Lloyd:
  patch: stop login_yubikey(8) leaking OTP data to syslog
- - 2025-08-14 22:12 Theo de Raadt:
    patch: stop login_yubikey(8) leaking OTP data to syslog
2025-08-19 09:24 Emiel Kollof:
patch: stop login_yubikey(8) leaking OTP data to syslog
- 2025-08-19 13:50 Loganaden Velvindron:
  patch: stop login_yubikey(8) leaking OTP data to syslog

Lloyd <ng2d68@proton.me> wrote:

> Theo de Raadt wrote:
> 
> > You know the problem. You know who can fix it. This is their problem,
> > not ours. Or, write a configuration driver.
> > 
> > But I am not going to invest a second into this, and over a number of years
> > noone else has -- and we done with cccccblddbkhgvtvjihbdcjdbtkgddnuigbievtbtcgr
> > and a tradeoff has been selected.
> 
> Is it safe to assume login_yubikey(8) will remain in base? It still merits
> some usefulness, for shell users which never physically touch the console.

We often delete unuseable pieces of code.

I've explained what needs to be done to make it useable.

2025-08-14 21:27 Theo de Raadt:
patch: stop login_yubikey(8) leaking OTP data to syslog
- 2025-08-14 22:10 Lloyd:
  patch: stop login_yubikey(8) leaking OTP data to syslog
- - 2025-08-14 22:12 Theo de Raadt:
    patch: stop login_yubikey(8) leaking OTP data to syslog
2025-08-19 09:24 Emiel Kollof:
patch: stop login_yubikey(8) leaking OTP data to syslog
- 2025-08-19 13:50 Loganaden Velvindron:
  patch: stop login_yubikey(8) leaking OTP data to syslog