Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-15 Thread Steinar Bang
Steinar Bang s...@dod.no: Professa Dementia profe...@dementianati.com: There are plugins that allow you to call some glue logic (Perl, Python, shell scripts, etc) which enables you to interface to pretty much any method (SQL, LDAP, shadow files, etc) you have chosen to save passwords - that

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-15 Thread Steinar Bang
Daniel Parthey daniel.part...@informatik.tu-chemnitz.de: The PAM documentation can be found at: http://www.linux-pam.org/Linux-PAM-html/ This one I have already visited, if the link colour in the browser is to be believed. However it didn't make much of an impression at the time. Now,

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-14 Thread /dev/rob0
On Sun, May 12, 2013 at 05:40:10AM -0700, Professa Dementia wrote: On 5/12/2013 4:17 AM, Steinar Bang wrote: I prefer not to use clear text passwords, even over an encrypted connection. Why? Enforce the encrypted link by not allowing unencrypted connections. The simplest is iptables to

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-14 Thread Noel
On 5/14/2013 12:39 PM, /dev/rob0 wrote: On Sun, May 12, 2013 at 05:40:10AM -0700, Professa Dementia wrote: On 5/12/2013 4:17 AM, Steinar Bang wrote: I prefer not to use clear text passwords, even over an encrypted connection. Why? Enforce the encrypted link by not allowing unencrypted

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-14 Thread Branko Majic
On Tue, 14 May 2013 12:39:34 -0500 /dev/rob0 r...@gmx.co.uk wrote: On Sun, May 12, 2013 at 05:40:10AM -0700, Professa Dementia wrote: On 5/12/2013 4:17 AM, Steinar Bang wrote: I prefer not to use clear text passwords, even over an encrypted connection. Why? Enforce the encrypted

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-14 Thread Daniel Parthey
Steinar Bang wrote: it is very hard to find documentation on what PAM modules exist, and how to write a new one, and if it is possible to chain modules in PAM The PAM documentation can be found at: http://www.linux-pam.org/Linux-PAM-html/ The Linux-PAM System Administrators' Guide

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-12 Thread Professa Dementia
On 5/12/2013 4:17 AM, Steinar Bang wrote: I prefer not to use clear text passwords, even over an encrypted connection. Why? Enforce the encrypted link by not allowing unencrypted connections. The simplest is iptables to block ports 110 and 143, while allowing 993 and 995. As long as the

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-12 Thread Gedalya
On 05/12/2013 08:40 AM, Professa Dementia wrote: Avoid using a self signed certificate. Get a properly signed certificate for your server. CheapSSLS.com has them for less than $10. Look also at https://www.startssl.com/

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-12 Thread Professa Dementia
On 5/12/2013 6:18 AM, Gedalya wrote: On 05/12/2013 08:40 AM, Professa Dementia wrote: Avoid using a self signed certificate. Get a properly signed certificate for your server. CheapSSLS.com has them for less than $10. Look also at https://www.startssl.com/ StartSSL is good - and free. I

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-12 Thread Steinar Bang
Professa Dementia profe...@dementianati.com: Also note that MD5, the basis for CRAM-MD5, is considered weak and no longer recommended. Thus, if you face an attacker that is sophisticated enough to crack the SSL / TLS connection, they very likely will have little problem with the CRAM-MD5

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-12 Thread Benny Pedersen
Professa Dementia wrote on 2013-05-12 14:40: On 5/12/2013 4:17 AM, Steinar Bang wrote: I prefer not to use clear text passwords, even over an encrypted connection. Why? Enforce the encrypted link by not allowing unencrypted connections. The simplest is iptables to block ports 110 and 143,

Re: [Dovecot] Looking for a good way to manage passwords for CRAM-MD5

2013-05-12 Thread Steinar Bang
Steinar Bang s...@dod.no: Professa Dementia profe...@dementianati.com: There are plugins that allow you to call some glue logic (Perl, Python, shell scripts, etc) which enables you to interface to pretty much any method (SQL, LDAP, shadow files, etc) you have chosen to save passwords - that