Subject: Re: [netatalk-admins] Information on other authentications
From: a sun (asun@saul3.u.washington.edu)
Date: Wed Apr 21 1999 - 04:04:30 EDT
fetchmail is a client, and hence, for it to work in an automagic
fashion, it needs your password. afpd is a server and shouldn't need
to know anyone's password. Only if the password provided is authentic.
umm, i guess i should shed some light on this as people don't seem to
have read the relevant sections in inside appletalk. for randnum and
2-way randnum to work, the server needs to know your
password. checking against /etc/passwd isn't good enough as that's a
1-way hash with the real password unextractable. in the future, better
ways of dealing with passwords will be available as netatalk will have
a more pluggable uam architecture. currently, however, that's not the
case.
if you aren't sure why randnum and 2-way randnum need server knowledge
of your password, i'll give you some hints:
"randnum" stands for encrypted random number
"2-way randnum" stands for 2-way encrypted random numbers
now, ask yourself how do you do verification when all you're doing is
sending and receiving encrypted random numbers?
-a
This archive was generated by hypermail 2b28 : Sat Dec 18 1999 - 16:16:38 EST
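
The verification the message asks about, as an added example (not netatalk code and not part of the original post): the server can only check a reply to its random number by recomputing it with the same secret the client used, so a server holding just a 1-way hash cannot verify anything. HMAC-SHA256 stands in for the UAM's encryption step, PBKDF2 stands in for the /etc/passwd hash, and every class, function and sample value here is hypothetical.

```python
import hashlib
import hmac
import os

def keyed(secret: bytes, challenge: bytes) -> bytes:
    # Stand-in for "encrypt the random number with the password as key".
    # HMAC-SHA256 is an assumption so this runs on the standard library alone.
    return hmac.new(secret, challenge, hashlib.sha256).digest()

def one_way(password: bytes, salt: bytes) -> bytes:
    # Stand-in for the 1-way hash kept in /etc/passwd (not crypt(3) itself).
    return hashlib.pbkdf2_hmac("sha256", password, salt, 10_000)

class Client:
    def __init__(self, password: bytes):
        self.password = password
    def respond(self, challenge: bytes) -> bytes:
        return keyed(self.password, challenge)
    def check_server(self, challenge: bytes, reply: bytes) -> bool:
        return hmac.compare_digest(reply, keyed(self.password, challenge))

class Server:
    def __init__(self, secret: bytes):
        self.secret = secret  # whatever the server has on file for this user
    def verify(self, challenge: bytes, reply: bytes) -> bool:
        # The server must recompute the client's answer, so it needs the same key.
        return hmac.compare_digest(reply, keyed(self.secret, challenge))
    def respond(self, challenge: bytes) -> bytes:
        return keyed(self.secret, challenge)

def randnum_login(client: Client, server: Server) -> bool:
    challenge = os.urandom(8)  # the server's random number (size is constructed)
    return server.verify(challenge, client.respond(challenge))

def two_way_login(client: Client, server: Server) -> bool:
    # 2-way: after the client proves itself, it challenges the server in turn.
    if not randnum_login(client, server):
        return False
    challenge = os.urandom(8)
    return client.check_server(challenge, server.respond(challenge))

def demo() -> dict:
    password, salt = b"constructed-sample-password", b"constructed-salt"
    user = Client(password)
    return {
        "server_has_password": randnum_login(user, Server(password)),
        "two_way": two_way_login(user, Server(password)),
        "server_has_hash_only": randnum_login(user, Server(one_way(password, salt))),
        "wrong_password": randnum_login(Client(b"guess"), Server(password)),
    }
```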