Re: Encryption (was: Re: netatalk.com)

Subject: Re: Encryption (was: Re: netatalk.com)
From: Tom Fitzgerald (tfitz@MIT.EDU)
Date: Tue Aug 01 2000 - 21:00:30 EDT

• Next message: Steve Freitas: "Re: Logo,RPMs,Version"
• Previous message: Magnus Stenman: "Logo,RPMs,Version"
• In reply to: Steve Freitas: "Re: Encryption (was: Re: netatalk.com)"
• Next in thread: BWS - Offwhite: "Re: Encryption (was: Re: netatalk.com)"
• Reply: Tom Fitzgerald: "Re: Encryption (was: Re: netatalk.com)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Hmm, I'm tired of constantly chasing the next authentication scheme. Is
> there another one out there what solves all of these problems?

Kerberos :-)

Seriously, DHX looks like the best option for most people, especially
multiplatform shops, since it seems to integrate well with non-atalk
auth options and gives everything you need for basic security at an SSH
level. (I haven't actually run it on a production server....) Rand2num
is great if nearly all your users are Mac-only and you can treat people
who actually need to login to Unix as special cases - and either you
don't have PCs or don't care about having passwords common between the
Macs and PCs. It's a series of tradeoffs, like anything, there's no
one-size-fits-all.

Kerberos would be for people who are fanatic about security, or who
already have a kerberos infrastructure. For everyone else it's just more
trouble than it's worth.

• Next message: Steve Freitas: "Re: Logo,RPMs,Version"
• Previous message: Magnus Stenman: "Logo,RPMs,Version"
• In reply to: Steve Freitas: "Re: Encryption (was: Re: netatalk.com)"
• Next in thread: BWS - Offwhite: "Re: Encryption (was: Re: netatalk.com)"
• Reply: Tom Fitzgerald: "Re: Encryption (was: Re: netatalk.com)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b28 : Wed Jan 17 2001 - 14:31:47 EST