Subject: [netatalk-admins] non-cleartext passwords...
From: Tomas Revesz (tomi@media.mit.edu)
Date: Wed Apr 15 1998 - 14:21:39 EDT
Hi all,
I've been running a netatalk server quite happily on a solaris 2.6 box for
the past few months and am now looking to take the next step in security
with it. I think i have all of the pieces but have no idea how to put them
together. Here's the situation. We are running asun's 18.2 version of
netatalk. i have the authman UAM, control panel, and Desk accessory. I'm
going to recompile using the des and kerberos stuff from the mit/cygnus
kerberos 4 package. am i on the right track? that's pretty much all i've
been able to figure out from all of the docs and readme's i've looked at.
All i really care about doing is not sending user passwords in cleartext to
the server. so here's the questions:
1. Do i need to go through all this trouble or is there a simpler way to
scramble passwords between client and server?
2. If i'm only using this stuff for authentication at login time, what can
i leave out from the kerberos/afs instructions? we don't use afs at all.
3. The authman control panel and UAM seem to load happily but when i try
to use the DA that comes with the package it locks up my machine. Do i
need the DA to have authman function? is there a newer version of the
authman stuff than 1.09A and UAM 1.1?
further details...i'm running mostly OS8 and 8.1 on 601 powermacs and 603
and 604 starmax clones. my testing is being done from a Starmax 4000/200
running 8.1.
thanks for any help, instructions, or pointers anyone can provide!
tomas
-- Tomas Revesz MIT Media Lab
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:32:22 EST