On Wed, Apr 06, 2005 at 08:03:16AM -0600, Herb Peyerl wrote:
> >Is there any way to reset a UNIX getty (or could that be implemented?),
> >so that a user can be sure he's talking to getty and not to some 
> >trojan?
> 
> [...]  Try using s/key if it's truly a concern.

That would provide the trojan a one-time password which is *still valid*
as it has not been entered into a real login process yet.  

GH

-- 
:wq