On Fri, Dec 23, 2005 at 09:12:52AM -0500, Greg Stark wrote: > Eh? Just because you know everything the postmaster does doesn't mean you > can't be stopped. In the traditional unix password file scheme the crypt > string is public knowledge but it's not enough to log in. You need the > original password that crypts to that value.
This isn't the first time this has been explained, but: With password encryption you essentially have two options: - Server knows password, use challenge-response authentication so password is not visible on wire. - Server only knows hash of password, password must be sent in clear over wire. These exist in the real world as PAP or CHAP, but there are many other examples. The reason it works in UNIX login is that the "in-the-clear" transit of the password is from the keyboard, via the kernel to a single process, not over a network, so it is considered secure. The login protocol for SMB has a similar flaw. If you can read the password file on an SMB server, you can login as any user. You may have to hack a client to make it work, but it is possible. PostgreSQL uses a variation where the cleartext password sent is just the md5 hash of the real password. It just stops the admin guessing it to see if the user is using it elsewhere. You really don't need the original password to login, just the hash. The solution is obvious, public-key authentication which doesn't have these problems. eg SSH, SSL, etc... Or a trusted third party (ident). Have a nice day, -- Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/ > Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a > tool for doing 5% of the work and then sitting around waiting for someone > else to do the other 95% so you can sue them.
pgpBn5FiKzLeT.pgp
Description: PGP signature