Re: passwords in config-files (fwd)

Andy Doolittle (andy@server.livingston.com)
Wed, 13 Aug 1997 13:41:58 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andy Doolittle: "Re: passwords in config-files (fwd)"
Previous message: Jake Messinger: "Re: PM 3 56k update"
In reply to: MegaZone: "passwords in config-files (fwd)"

I expect he's talking about pmreadpass, or the RADIUS user file. Yes,
this is not a fine thing and we're looking at what we can do about it,
preferably without encrypting the entire file. Omitting the password is
one possibility. FYI, when PMconsole edits a user record it does not
receive the password, just the length and then it fills the field with
asterisks. Unfortunately, when the password is changed it is sent in
the clear.

On Mon, 11 Aug 1997, MegaZone wrote:

> Once upon a time Hans Schaechl shaped the electrons to say...
> >I never was too happy about the fact that the PM's
> >username/password information is stored in plain-
> >text in the configuration dump-files.
>
> I'm not sure what you are talking about.
>
> WHAT configuration/dump files?
>
> The PM does not currently support saving configuations out in plain text
> at all.
>
> -MZ
> --
> Livingston Enterprises - Chair, Department of Interstitial Affairs
> Phone: 800-458-9966 510-737-2100 FAX: 510-737-2110 megazone@livingston.com
> For support requests: support@livingston.com <http://www.livingston.com/>
> Snail mail: 4464 Willow Road, Pleasanton, CA 94588
>
>

andy
++++
In Redmond, no one can hear you scream ...

My opinions, of course, are my own, unless they were given to me by my
employer.

Andrew Doolittle - Sr. Engineer Livingston Enterprises
email: andy@livingston.com vmail: (800)458-9966
smail: 4464 Willow Road, Pleasanton, CA 94588

Next message: Andy Doolittle: "Re: passwords in config-files (fwd)"
Previous message: Jake Messinger: "Re: PM 3 56k update"
In reply to: MegaZone: "passwords in config-files (fwd)"