Date: Sat, 13 Sep 2003 13:36:24 -0600 From: Tillman Hodgson <tillman@seekingfire.com> To: freebsd-questions@freebsd.org Subject: Re: nis security (DES passwords) Message-ID: <20030913133624.W13273@seekingfire.com> In-Reply-To: <1063465291.9570.2.camel@cronos.home.vsb>; from n.b@myrealbox.com on Sat, Sep 13, 2003 at 05:01:31PM %2B0200 References: <200309082359.07548.ajacoutot@lphp.org> <20030908161045.C11841@seekingfire.com> <42065386.1063047726@[192.168.10.11]> <20030908181529.P11841@seekingfire.com> <1063359316.2838.18.camel@cronos.home.vsb> <20030912070057.E13273@seekingfire.com> <1063465291.9570.2.camel@cronos.home.vsb>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Sep 13, 2003 at 05:01:31PM +0200, Guy Van Sanden wrote: > I was looking arround for this, and I found that Kerberos uses DES > encryption, John (on my sytem) reports it rather weak: <snip> > I'm now using MD5 passwords in NIS. > > Yet it seems the consensus that Kerberos is secure, am I missing > something? Yes :-) 1. Kerberos can use a variety of encryption methods 2. With NIS, arbitrary users can run John against the password database. With Kerberos, they can't because they don't have the Kerberos database to run John against. -T -- Beauty is not diminished by being shared. - Robert Heinlein
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030913133624.W13273>