From: "Theo de Raadt" <deraadt@openbsd.org>
Subject: Re: patch: stop login_yubikey(8) leaking OTP data to syslog
To: Lloyd <ng2d68@proton.me>
Cc: Theo Buehler <tb@theobuehler.org>, "tech@openbsd.org" <tech@openbsd.org>
Date: Thu, 14 Aug 2025 16:12:20 -0600

Lloyd <ng2d68@proton.me> wrote:

> Theo de Raadt wrote:
> 
> > You know the problem. You know who can fix it. This is their problem,
> > not ours. Or, write a configuration driver.
> > 
> > But I am not going to invest a second into this, and over a number of years
> > noone else has -- and we done with cccccblddbkhgvtvjihbdcjdbtkgddnuigbievtbtcgr
> > and a tradeoff has been selected.
> 
> Is it safe to assume login_yubikey(8) will remain in base? It still merits
> some usefulness, for shell users which never physically touch the console.

We often delete unuseable pieces of code.

I've explained what needs to be done to make it useable.