Re: password encryption?


Subject: Re: password encryption?
From: Rich Lafferty (rich@alcor.concordia.ca)
Date: Sun Feb 11 2001 - 19:36:07 EST


On Sun, Feb 11, 2001 at 07:14:21PM -0500, Scoobie Doobie Doo (scoobie@shaggie.dhs.org) wrote:
> Does anyone know if there exists an option to enable password encryption in
> netatalk?
>
> If not is there a development effort to hack such a thing in?
>
> sending all those passwords in the clear is a BAD, BAD thing.

Sure, and I'm positive it's documented, since I know I found it right
away. The always-works non-cleartext authentication is 'randnum' and
'rand2num', which means storing the password in cleartext on the
server, and uses a challenge-and-response authentication mechanism
that never sends the password over the wire.

There's also DHX, which you'll find discussed heavily in the list
archives. It requires certain versions of MacOS, but is able to use
the password in the password file. I'm not sure how it works
technically because I've had no initiative to move to it from randnum
here.

  -Rich

-- 
------------------------------ Rich Lafferty ---------------------------
 Sysadmin/Programmer, Instructional and Information Technology Services
   Concordia University, Montreal, QC                 (514) 848-7625
------------------------- rich@alcor.concordia.ca ----------------------



This archive was generated by hypermail 2b28 : Sun Oct 14 2001 - 03:04:32 EDT