Date: Fri, 12 Jun 1998 11:17:44 -0400 (EDT) From: "Matthew N. Dodd" <winter@jurai.net> To: Peter Wemm <peter@netplex.com.au> Cc: Andreas Klemm <andreas@klemm.gtn.com>, Bill Paul <wpaul@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG Subject: Re: cvs commit: src/lib/libc/net ns_name.c ns_netint.c ns_parse.c ns_print.c ns_ttl.c res_mkupdate.c res_update.c Makefile.i Message-ID: <Pine.BSF.3.96.980612111308.2045I-100000@sasami.jurai.net> In-Reply-To: <199806120825.QAA16386@spinner.netplex.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 12 Jun 1998, Peter Wemm wrote: > Yes, you can say that again. Radius is nice, but.. Up until now you've > often had to duplicate accounts, passwords etc etc - one set for the > terminal servers, one for the shell/mail/etc servers. The possibility of > storing everything in one place would be really nice, as long as it was > quick and robust. ppp/CHAP can't be used with unix encrypted passwords, > so you can't use a unix /etc/master.passwd file as a source for ``secure'' > (as microsoft calls it) authentication. A solution that considers the needs of various authentication systems would be nice. There is really no good reason not to store passwords crypted in different ways. One could store them in DES, MD5, whatever CHAP uses, whatever SAMBA/CIFS uses etc... A user could select the various service specific password instances he or she wished to use when changing their password. Of course this would probably imply not storing passwords in /etc/master.passwd (Which is IMHO a good direction to move in.), or only storing the primary 'unix compat' password there. As to the dangers of having the same password endrypted by several possiably weaker encryption methods consider that if someone has access to your crypted password they can probably break it. (Not -yours- because you use good rules for generating your password, but a random luser in general. Yes, running cracklib should be default. *sigh*) /* Matthew N. Dodd | A memory retaining a love you had for life winter@jurai.net | As cruel as it seems nothing ever seems to http://www.jurai.net/~winter | go right - FLA M 3.1:53 */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980612111308.2045I-100000>