From owner-freebsd-security Mon May 14 13:19: 2 2001 Delivered-To: freebsd-security@freebsd.org Received: from cithaeron.argolis.org (bgm-24-94-35-22.stny.rr.com [24.94.35.22]) by hub.freebsd.org (Postfix) with ESMTP id D94FA37B422 for ; Mon, 14 May 2001 13:18:53 -0700 (PDT) (envelope-from piechota@argolis.org) Received: from localhost (piechota@localhost) by cithaeron.argolis.org (8.11.3/8.11.3) with ESMTP id f4EKFwX68435; Mon, 14 May 2001 16:16:14 -0400 (EDT) (envelope-from piechota@argolis.org) X-Authentication-Warning: cithaeron.argolis.org: piechota owned process doing -bs Date: Mon, 14 May 2001 16:15:50 -0400 (EDT) From: Matt Piechota To: "Antoine Beaupre (LMC)" Cc: Subject: Re: nfs mounts / su / yp In-Reply-To: <3B003611.E96E8AE1@lmc.ericsson.se> Message-ID: <20010514161231.L55013-100000@cithaeron.argolis.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 14 May 2001, Antoine Beaupre (LMC) wrote: > I know I might get flamed for this, but you guys should take a look at > samba. :) The SMB shares are password protected, usually, which means > that they do not (necessarly) rely on client-side authentication, and > allow password encryption. While the idea isn't bad, SMB has enough flaws that I wouldn't use it. Along the same line though, AFS or Coda might be a good option. I believe someone mentioned that at MIT everyone knows the root password to public workstations, but it doesn't do too much good since they auth to the AFS servers to get at files. What especially nice is AFS is free and open now (although I'm not sure what the status is for FreeBSD). I'm not sure if AFS encrypts the data as it passes over the wire (not that SMB does either). -- Matt Piechota Finger piechota@emailempire.com for PGP key AOL IM: cithaeron To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message