From owner-ssh@clinet.fi  Mon Dec 16 15:24:44 1996
To: ssh@clinet.fi
Date: 15 Dec 1996 04:45:10 GMT
From: strange@tezcat.com (Mike Scher)
Message-ID: <58vvom$40b@tepe.tezcat.com>
Organization: Cultural Consulting, Chicago
References: <l03010d00aed8bcac04f8@[128.83.128.1]>, <58v83f$85f@Venus.mcs.net>, <distler-1412962214220001@slip-14-5.ots.utexas.edu>
Subject: Re: Securing POP with ssh (was: F-Secure SSH for Windows 1.0 available.)
Sender: owner-ssh@clinet.fi
Precedence: bulk

Jacques Distler (distler@golem.ph.utexas.edu) wrote:
: In article <58v83f$85f@Venus.mcs.net>, les@MCS.COM (Leslie Mikesell) wrote:
: 
: >Now can you give a list of unix machines where the administrator is willing
: >to keep the passwords in a file in cleartext as required by APOP?
: >
: 
: That is a red herring. 

Well, kind of, but . . . not quite.
 
: The file is readable only by root. Ssh (or any other encrypting daemon)
: also needs to keep its ("secret") keys  in a file in cleartext (eg,
: /etc/ssh_host_key). What else can you do? Encrypt the file? Then you need
: to store the key to decrypt it somewhere. . . 

One-way hashes don't need a key around; just a one-way hashing function; 
I know, for example, that FreeBSD's MD5-based crypt makes it a royal pain
to even crack password files (it runs 1000 iterations of the routine) 
grabbed as root.  The massive number of iterations just about makes you
want to borrow a Cray just to look for bad passwords as the admin.  Sure,
the machine may be owned to hell, but you still have the passwords
relatively tight in case they're repeated on other boxes.  Better than 
cleartext.
 
: The defect of APOP (which I readily admit) is in its (lack of) key
: management.  There is, for instance, no secure way for a remote user to
: *change* his password. 

Lack of integration with the password system is a big minus, agreed.

: This is not, in my opinion, a fatal defect. But it is certainly an area
: which could bear improvement.

Pain in the patoch, is how we put it.

      -M
-- 
Michael Brian Scher   (MS683)   | Anthropologist, Attorney, Part-Time Guru
http://www.tezcat.com/~strange/ |          strange@cultural.com
strange@tezcat.com              |       mbscher@midway.uchicago.edu
   I'm a legal anthropologist; what's an illegal anthropologist?
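The trade-off argued in this thread, as an added example (not the poster's code): an APOP server can only answer the challenge if it holds the cleartext secret, whereas a salted, iterated one-way hash needs no secret on disk and makes each guess against a stolen file cost a thousand digest calls. The APOP response follows RFC 1939 (MD5 over the timestamp banner plus the secret); the iterated hash is a simplified stand-in for FreeBSD's md5crypt, not the real algorithm, and all sample values are constructed.

```python
import hashlib
import hmac
import os

# Constructed sample values, in the RFC 1939 APOP banner form.
BANNER = "<12345.850000000@pop.example.net>"
SECRET = "tanstaaf"


def apop_digest(banner: str, secret: str) -> str:
    """APOP response: MD5 of banner + shared secret, 32 lowercase hex digits."""
    return hashlib.md5((banner + secret).encode()).hexdigest()


def apop_verify(banner: str, response: str, stored_secret: str) -> bool:
    """The server must recompute the digest, so it needs the secret itself."""
    return hmac.compare_digest(apop_digest(banner, stored_secret), response)


def iterated_hash(password: str, salt: bytes, rounds: int = 1000) -> bytes:
    """Simplified salted, iterated one-way hash (NOT FreeBSD md5crypt);
    it only illustrates why 1000 rounds make guessing expensive."""
    pw = password.encode()
    digest = hashlib.md5(salt + pw).digest()
    for _ in range(rounds):
        digest = hashlib.md5(digest + salt + pw).digest()
    return digest


def store_password(password: str, rounds: int = 1000) -> dict:
    """What a hashed password file keeps: salt, round count, digest. No secret."""
    salt = os.urandom(8)
    return {"salt": salt, "rounds": rounds,
            "digest": iterated_hash(password, salt, rounds)}


def verify_password(password: str, record: dict) -> bool:
    """Checking a login needs only the stored record, never the cleartext."""
    candidate = iterated_hash(password, record["salt"], record["rounds"])
    return hmac.compare_digest(candidate, record["digest"])


def md5_calls_per_guess(record: dict) -> int:
    """Work an attacker with a stolen file pays per candidate password."""
    return record["rounds"] + 1
```

Note that nothing in `store_password`'s record lets a server produce an APOP response, which is exactly why APOP forces cleartext storage.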
