Matt Sergeant wrote:
>
> On Wed, 09 Feb 2000, Doug Kyle wrote:
> >
> > What about generating some value from the MAC address of the server's
> > NIC(s)?
> > ifconifg <interface name> ether, or arp <hostname> will return MAC
> > addresses.
>
> Doh! Just realised that producing a secret from something that's totally
> *not* a secret is really dumb :)
>
> Next option? :)
>
> --
> <Matt/>
Would taking the MD5 hash of the MAC address or IP address (or both)
be an option? I know were're dealing with a setup where any sort of real
security isn't the specific intent and it's just a hurdle to stop people
who won't try to hard from doing something, so would that work, if what
the code was specifically doing wasn't obvious? People could probably
pick up on the fact that it was a hash, but if they didn't know what it
was a hash of that might be ok. I guess this all depends on what
specifically you are trying to protect...
- Bill
