Re: passwords in config-files (fwd)

Joe Hartley (jh@metheny.brainiac.com)
Mon, 11 Aug 1997 18:03:02 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mike Horwath: "Re: PM-3 and T-1"
Previous message: Marty Likier: "Re: 56K Modems Shipping.."
In reply to: MegaZone: "passwords in config-files (fwd)"
Next in thread: Andy Doolittle: "Re: passwords in config-files (fwd)"

MegaZone <megazone@livingston.com> wrote:
> Once upon a time Hans Schaechl shaped the electrons to say...
> >I never was too happy about the fact that the PM's
> >username/password information is stored in plain-
> >text in the configuration dump-files.
>
> The PM does not currently support saving configuations out in plain text
> at all.

No, but the files that are created by pmreadconf on my Sun stores various
information in clear text, including the !root password, the SNMP community,
any login/passwords stored in a users table and the RADIUS secret.

Aquiring one of these dumps would make it very easy to begin to wreak havok
at an installation.

========================================================================
Joe Hartley - jh@brainiac.com - brainiac services, inc
PO Box 5069 : Greene, RI : 02827 - vox 401.539.9050 : fax 401.539.2070
Without deviation from the norm, "progress" is not possible. - FZappa

Next message: Mike Horwath: "Re: PM-3 and T-1"
Previous message: Marty Likier: "Re: 56K Modems Shipping.."
In reply to: MegaZone: "passwords in config-files (fwd)"
Next in thread: Andy Doolittle: "Re: passwords in config-files (fwd)"