Litsebi tse tsoang ho Qualys Labs li fumane mathata a 'maloa a tšireletso a amanang le bokhoni ba ho thetsa mananeo a ikarabellang bakeng sa mekhoa ea ho hlahloba password e sebelisoang ho BSD (analous to PAM). Leqheka ke ho fetisa lebitso la mosebelisi "-challenge" kapa "-challenge:passwd", eo ka nako eo e hlalosoang eseng joalo ka lebitso la mosebelisi, empa e le khetho. Kamora sena, sistimi e amohela password efe kapa efe. Ea tlokotsing, i.e. Ka lebaka leo, phihlello e sa lumelloeng e lumelloa ke lits'ebeletso tsa smtpd, ldapd, radiusd. Ts'ebeletso ea sshd e ke ke ea sebelisoa hampe, kaha sshd joale e hlokomela hore mosebelisi "-challenge" ha a eo. Lenaneo la su lea senyeha ha le leka ho le sebelisa hampe, hobane le boetse le leka ho fumana uid ea mosebelisi ea seng teng.
Bofokoli bo fapaneng bo boetse bo senotsoe ho xlock, ka tumello ka S/Key le Yubikey, hammoho le ka su, e sa amaneng le ho hlakisa mosebelisi oa "-challenge". Ho ba kotsing ho xlock ho lumella mosebelisi ea tloaelehileng hore a phahamisetse litokelo ho sehlopha sa auth. Hoa khonahala ho phahamisa litokelo ho tloha sehlopheng sa auth ho ea ho mosebelisi oa metso ka ts'ebetso e fosahetseng ea S/Key le mekhoa ea tumello ea Yubikey, empa sena ha se sebetse ho tlhophiso ea kamehla ea OpenBSD hobane tumello ea S/Key le Yubikey e koetsoe. Qetellong, ho ba kotsing ho su ho lumella mosebelisi ho eketsa meeli ho lisebelisoa tsa sistimi, joalo ka palo ea litlhaloso tse bulehileng tsa faele.
Hajoale, bofokoli bo lokisitsoe, lintlafatso tsa ts'ireletso li fumaneha ka mochini o tloaelehileng oa syspatch(8).
Source: linux.org.ru