|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: MD5 systems interacting with DES systems
Kris Kennaway (kris
hub.freebsd.org)
Tue, 12 Oct 1999 13:00:56 -0700 (PDT)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Kris Kennaway: "FreeSSH (was: Re: Is it just me or is the ssh port broken for Release 3.3?)"
- Previous message: James Wyatt: "Re: scanning of port 12345"
- In reply to: Nicole H.: "Re: scanning of port 12345"
- Next in thread: Michael Hallgren: "Re: MD5 systems interacting with DES systems"
- Reply: Michael Hallgren: "Re: MD5 systems interacting with DES systems"
- Reply: Donald Wilde: "Re: MD5 systems interacting with DES systems"
On Tue, 12 Oct 1999, Donald Wilde wrote:
> I saw a hint that some routines (rlogin, etc.) will not work unless DES
> is installed both ways. Are there low level (transport level) routines
> which we can use with MD5 systems, or is my best answer to do the
> encrypt/decrypt at the user level?
I don't think this is correct. rlogin and friends do no encryption or
password authentication themselves, and aren't linked against libcrypt at
all. So there should be no difference whether or not you have DES
installed. However...
> I don't mind making all systems MD5.
...this is the way to go, unless you specifically need DES passwords (e.g.
sharing passwords with commercial unices). DES is just too insecure
thesedays.
As for encrypted transport, which it sounds like you were talking about,
you want either ssh (if the license restrictions are applicable to you -
or you could port the "last truly free" version which the openbsd guys
have been cleaning up in their tree), or your could go for IPSec (either
in the kernel - see www.kame.net), or userspace (the pipsecd port in
net/).
Kris
----
XOR for AES -- join the campaign!
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Kris Kennaway: "FreeSSH (was: Re: Is it just me or is the ssh port broken for Release 3.3?)"
- Previous message: James Wyatt: "Re: scanning of port 12345"
- In reply to: Nicole H.: "Re: scanning of port 12345"
- Next in thread: Michael Hallgren: "Re: MD5 systems interacting with DES systems"
- Reply: Michael Hallgren: "Re: MD5 systems interacting with DES systems"
- Reply: Donald Wilde: "Re: MD5 systems interacting with DES systems"
This archive was generated by hypermail 2.0b3 on Tue Oct 12 1999 - 14:59:58 CDT