Date: Wed, 29 Nov 1995 22:47:24 +0100 (MET) From: Ollivier Robert <roberto@keltia.freenix.fr> To: terry@lambert.org (Terry Lambert) Cc: jkh@time.cdrom.com, terry@lambert.org, joerg_wunsch@uriah.heep.sax.de, freebsd-current@freebsd.org Subject: Re: schg flag on make world in -CURRENT Message-ID: <199511292147.WAA03797@keltia.freenix.fr> In-Reply-To: <199511290220.TAA26615@phaeton.artisoft.com> from "Terry Lambert" at Nov 28, 95 07:20:50 pm
next in thread | previous in thread | raw e-mail | index | archive | help
It seems that Terry Lambert said: > The reason that the lines aren't secure by default is that you don't > want to have the root password working while a line snooper is catching > the packets with it in it. There is a sentence everyone should use nowadays: "Thou shalt not type a password in the clear across [almost] any network" If you're concerned about security, you use either Kerberos/S-Key (but I think this is not enough) or you use an encrypting program like the great SSH. Even using S/Key for both login and su is now silly. You should protect your whole session if you're an administrator. Clear-text asswords should be dead. Period. Arguing about "secure" on pty is not enough. Logging as "root" is a mistake, especially across a network. -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.frmug.fr.net FreeBSD keltia.freenix.fr 2.2-CURRENT #7: Mon Nov 6 21:08:06 MET 1995
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199511292147.WAA03797>