Date: Thu, 4 Nov 1999 06:35:21 +1030 (CST) From: Greg Lewis <glewis@trc.adelaide.edu.au> To: freebsd-security@freebsd.org Subject: Re: Security and NIS - alternatives? Message-ID: <199911032005.GAA32013@ares.maths.adelaide.edu.au> In-Reply-To: <199911031758.AA215051921@broccoli.graphics.cornell.edu> from Mitch Collinsworth at "Nov 3, 1999 12:58:40 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> NIS doesn't send plain text passwords over the net. It only sends the > encrypted form over the net. The plain text is encrypted on the client > and compared against the encrypted form. I am certainly aware of this, I'd just prefer that the encrypted password wasn't sent over the wire either, since that in itself is a point of attack that I've so far avoided by forcing people to use ssh. > If you want something better than that, have a look at kerberos. I will, thanks for your suggestion! -- Greg Lewis glewis@trc.adelaide.edu.au Computing Officer +61 8 8303 5083 Teletraffic Research Centre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911032005.GAA32013>