From: Lloyd <ng2d68@proton.me>
Subject: Re: patch: stop login_yubikey(8) leaking OTP data to syslog
To: Theo de Raadt <deraadt@openbsd.org>
Cc: Theo Buehler <tb@theobuehler.org>, "tech@openbsd.org" <tech@openbsd.org>
Date: Thu, 14 Aug 2025 22:10:32 +0000

Theo de Raadt wrote:

> You know the problem. You know who can fix it. This is their problem,
> not ours. Or, write a configuration driver.
> 
> But I am not going to invest a second into this, and over a number of years
> noone else has -- and we done with cccccblddbkhgvtvjihbdcjdbtkgddnuigbievtbtcgr
> and a tradeoff has been selected.

Is it safe to assume login_yubikey(8) will remain in base? It still merits
some usefulness, for shell users which never physically touch the console.