RE: Encrypted logins, configuration, The Chooser, etc.


Subject: RE: Encrypted logins, configuration, The Chooser, etc.
From: Marc Miller (itlm019@mailbox.ucdavis.edu)
Date: Mon Mar 12 2001 - 19:41:02 EST


A friend recently informed me that Linux Magazine also said to create the
netatalk passwords in a clear-text file for one of those other encryption
techniques. Dangerous.

DHX does work with PAM; I'm doing that right now on my system.

On Tue, 13 Mar 2001, Michael Clark wrote:

> <SNIP>
> > DHCast128 -- aka DHX, a 128 bit key is generated by Diffie-Hellman key
> > agreement,
> > a 64 byte password is sent encrypted by the above key using CAST-128.
> > Weak
> > against Man in the Middle attacks. This one is gaining popularity and
> > is supported in
> > Mac OS X.
>
> Okay, so i guess DHX has no need for clear text passwords stored on the server
> (as is required with the 'network-secure' UAMs such as 2-way randnum) - can I
> use PAM right?
>
> I guess you can then use LDAP indirectly through PAM - anybody tried this?
>
>
> Michael Clark.
>

============================================================
        /\/\arc ._|. /\/\iller (itlm019@mailbox.ucdavis.edu)
        Computer Room Consultant
        Information Technology/Lab Management
============================================================
I can be contacted through the Communication Center link from
http://www.mother.com/~mjmiller/



This archive was generated by hypermail 2b28 : Sun Oct 14 2001 - 03:04:34 EDT