Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.mel.connect.com.au!news.syd.connect.com.au!news.bri.connect.com.au!corolla.OntheNet.com.au!not-for-mail From: Tony Griffiths <tonyg@OntheNet.com.au> Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: Root Access Date: Mon, 16 Jun 1997 14:48:13 +1000 Organization: On the Net (ISP on the Gold Coast, Australia) Lines: 23 Message-ID: <33A4C58D.365F@OntheNet.com.au> References: <33A0DBC3.3098@v-m.com> <33A1FD83.4D94@OntheNet.com.au> <33A31FD2.6592@dca.net> Reply-To: tonyg@OntheNet.com.au NNTP-Posting-Host: swanee.nt.com.au Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 3.0 (WinNT; I) To: roehsler@dca.net Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:42861 Peter Roehsler wrote: > > (a) use skeys to login as a privileged user > ^^^^^ > > Tony, > > What are these? # apropos skey # man skey etc. Basically, the S/key system allows privileged login without having to send a cleartext password across the network. The password that is sent is useful for a single login only (ie. if someone else tries to use it again, it will fail). To be absolutely secure, the password generation needs to be dome on the local machine, _NOT_ the remote one because this involces a password that is reusable! Tony