Re: [netatalk-admins] Information on other authentications


Subject: Re: [netatalk-admins] Information on other authentications
From: Michael Han (mikehan@best.com)
Date: Wed Apr 21 1999 - 13:23:48 EDT


Previously...
>Michael Han <mikehan@best.com> writes:
>> I think Alex is trying to point out that there's something wrong with
>> rand2num *itself*. And if he wasn't, I'd sure like to make the same
>> assertion. rand2num is potentially better than cleartext, but still
>> doesn't work the way I tend to think about password encryption. A
>> hashed password should be sent, which is compared to the same which is
>> stored on the server. That way a root compromise of the server doesn't
>> compromise all the user passwords on the box. And root can't casually
>> be grabbing user passwords either.
>
>It's not that simple.

Of course not.

>UNIX crypt() passwords are stored hashed, but the login is done by
>getting a plaintext password, hashing it, and comparing it to the
>stored hash. The server application did get to see the password, and
>in most cases it also passed over a wire in unencrypted form.
>
>AppleShare randnum stores a plaintext password on the server and
>passes challenge/response on the wire to verify that both ends have
>the same password. Windows NT encrypted passwords are stored on the
>server as hash values, but that doesn't matter - the hash value is a
>plaintext equivalent and with a modified client, knowing the hash is
>sufficient for login.

This is stuff I would hope we all knew already. But all in all, I
think most people would feel more comfortable with cleartext
transmission and hashed storage, rather than hashed transmission and
cleartext storage... I could be wrong, but that's my take on things.
There are *definitely* better ways to do things than either of the
above, but I really wasn't trying to talk about that...

-- 
mikehan@best.com
I did not see Elvis
 - The collected wisdom of Bart Simpson
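The three schemes compared in the thread, modelled as toy code to show why the stored hash in the NT-style scheme is a "plaintext equivalent" while a crypt()-style hash is not. This is an added example, not code from the thread or from netatalk; SHA-256 and HMAC stand in for the real crypt(), randnum DES and NT hash algorithms, and all passwords are constructed sample values.

```python
import hashlib
import hmac
import os

# Stand-in primitives (assumption): SHA-256/HMAC instead of the real algorithms.

def store_hashed(password: str) -> dict:
    """UNIX crypt() style: the server keeps only a salt and a hash."""
    salt = os.urandom(8)
    return {"salt": salt, "hash": hashlib.sha256(salt + password.encode()).digest()}

def login_cleartext(record: dict, password: str) -> bool:
    """Password crosses the wire in clear and is re-hashed on the server."""
    digest = hashlib.sha256(record["salt"] + password.encode()).digest()
    return hmac.compare_digest(record["hash"], digest)

def response(secret: bytes, challenge: bytes) -> bytes:
    """Challenge/response: prove knowledge of 'secret' without sending it."""
    return hmac.new(secret, challenge, hashlib.sha256).digest()

def login_randnum(stored_password: str, challenge: bytes, client_response: bytes) -> bool:
    """AppleShare randnum style: server stores the plaintext password as the key."""
    return hmac.compare_digest(response(stored_password.encode(), challenge), client_response)

def nt_hash(password: str) -> bytes:
    """NT style: unsalted hash of the password is what the server stores."""
    return hashlib.sha256(password.encode()).digest()

def login_nt_style(stored_hash: bytes, challenge: bytes, client_response: bytes) -> bool:
    """NT style: the response is keyed by the stored hash, not the password."""
    return hmac.compare_digest(response(stored_hash, challenge), client_response)

def hash_is_plaintext_equivalent(stored_hash: bytes) -> bool:
    """Can a party holding only the server-side hash answer a fresh challenge?"""
    challenge = os.urandom(16)
    return login_nt_style(stored_hash, challenge, response(stored_hash, challenge))

def compromise_summary() -> dict:
    """What each scheme accepts, given a constructed sample password."""
    pw = "correct horse"                      # constructed sample value
    rec, nth, chal = store_hashed(pw), nt_hash(pw), os.urandom(16)
    return {
        "crypt_login_ok": login_cleartext(rec, pw),
        "crypt_wrong_pw": login_cleartext(rec, "wrong"),
        # A leaked crypt()-style hash is not usable as the password itself.
        "crypt_hash_sufficient": login_cleartext(rec, rec["hash"].hex()),
        "randnum_login_ok": login_randnum(pw, chal, response(pw.encode(), chal)),
        # A leaked NT-style hash answers the challenge exactly as the client would.
        "nt_hash_sufficient": hash_is_plaintext_equivalent(nth),
    }
```

Seen from the defender's side: a crypt()-style store that leaks still needs to be cracked, a randnum store that leaks hands over the passwords outright, and an NT-style store that leaks is usable as-is, which is why protecting the hash database matters as much as protecting the passwords.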


