Date: Fri, 25 Sep 1998 03:36:08 +0800 From: Peter Wemm <peter@netplex.com.au> To: Nate Williams <nate@mt.sri.com> Cc: Jonathan Lemon <jlemon@americantv.com>, Mark Murray <mark@grondar.za>, committers@FreeBSD.ORG Subject: Re: Security and other facilities at WC CDROM - the plan. Message-ID: <199809241936.DAA22482@spinner.netplex.com.au> In-Reply-To: Your message of "Thu, 24 Sep 1998 13:26:03 CST." <199809241926.NAA00745@mt.sri.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Nate Williams wrote: > > > > The password you type will suddenly stop working unless you > > > > a) set up your account at WC to accept no-password logins OR > > > > b) work with us to get your password registered with kerberos. > > > > > > What about folks who are using OS's at times that don't do SSH (ie; > > > Win32)? They also don't have a kerberized telnet available. :( > > > > Try the CRT client for windows. They have an SSH version out, and > > (IIRC) the license fee is reasonable ($20, or so). > > But sometimes I'm places where I don't have access to the SSH version > (read, business trips where I don't have my box with me). > > > If you are doing "telnet" from a winlose box, you're going to have to > > replace the native telnet client anyways, or slowly lose your sanity. > > Agreed, but *free* is a much better price than $20, especially when I > don't have the $20 version many times. > > Basically, what I'm asking is there a *secure* way of allowing logins > over the net besides ssh/kerberized-telnet? Set up s/key on your freefall account, generate and print out the next 10 or so passwords in sequence and carry them in your wallet.. You never know when you're going to need to log in from a machine or network you don't trust. (eg: terminal rooms where people have been tinkering with the machines for days and you don't know if you can trust the ssh on them). Now, if somebody would set up a similar thing (one-time-passwords) for ssh's protection for it's private keys... > Nate Cheers, -Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809241936.DAA22482>