> > time, my preference is to support the real servers. I say the Windows 95
> > systems aren't real servers anyways and shouldn't should be used as such.
> > They have no file system security, they have only minimal network security
> > (if you call share passwords security at all), they passwords are not
> > encrypted,
> Neither are telnet and FTP passwords. Besides, unless public-key
I use neither... I use SSH and do not allow unencrypted access
to interactive connections.
> cryptography is used, passwords have to be stored in plain-text (or
> another sensitive format) on disk if they are to be encrypted on the
> network.
Not true at all...
You merely have to store hashes at the server side and use a strong
challenge response system for the client to prove that it knows the hashes
without revealing them. In theory, if you broke into the server and stole
the hashes, you could create a fake client who could then fake out the
server, but you already own the server from having broken into it. You do
not have to store passwords in clear, or in any reversible format anywhere.
> Win95 isn't a server, but it's often convenient to share CD-ROMs
> and local printers.
Then put up with it crapping out and don't complain when bugs
in Windows 95 cause it to go brain damaged. You chose to use it, for
whatever reason, so you put up with its flaws and don't blaim others...
Mike
-- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com (The Mad Wizard) | (770) 925-8248 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it!
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/