Date: Fri, 26 Mar 1999 00:42:26 -0500 (EST)
From: jwhite@cryogen.com
To: ftobin@bigfoot.com
Cc: freebsd-security@freebsd.org
Subject: Re: sudo (was Re: Kerberos vs SSH)
Message-ID: <199903252334.SAA04819@mcclane2.erols.com>
In-Reply-To: <Pine.BSF.4.10.9903252308080.76901-100000@isr3277.urh.uiuc.edu>
I'm sorry, but this is getting absurd. If it's important enough to go with one-time passwords (the only "perfect" solution), then you should be on an encrypted channel and worrying about how secure that channel is. If you pursue this line of reasoning, you will discover that using one-time passwords, while ideal, is not always feasible and, further, it is significantly harder than always using encrypted channels.

Oh, and if you are actually relying on your attacker using a sniffer that is not "advanced", you are, to put it bluntly, screwed.

On 25 Mar, Frank Tobin wrote:
> James Wyatt, on Thu, 25 Mar 1999, wrote:
>
>> The thing I don't like about it is that it makes programs like linsniffer
>> more effective. It looks at TCP startups of telnet, FTP, pop, etc... and
>> very nicely captures their password. Capturing root passwords from users
>> 'su'-ing requires a *lot* more advanced sniffer or cracker intervention.
>> This easily captured password is sufficient for root access if the user is
>> allowed to do anything that might gain them shell. - Jy@
>
> A decent way to prevent such attacks is to allow the use of only S/Key
> one-time passwords when a person sudo's (or even logs in via any
> unencrypted means). I'm not sure how this would be accomplished, but I'd
> be surprised if it couldn't be done.
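To make concrete why a one-time password sniffed off a cleartext telnet or sudo session is useless for replay, here is an added illustration of the S/Key-style hash chain (example code written for this archive page, not from the thread's authors or from the S/Key implementation). It assumes SHA-256 in place of S/Key's original MD4/MD5 and a constructed seed; the verifier stores only the last accepted value and accepts a candidate only if hashing it once yields that value.

```python
import hashlib


def skey_chain(seed: bytes, n: int) -> list:
    """Build the Lamport/S/Key-style chain [h^0(seed), h^1(seed), ..., h^n(seed)].

    h^n(seed) is handed to the server as the anchor; the client later
    reveals h^(n-1), h^(n-2), ... one per authentication, newest first.
    SHA-256 is an assumption here; real S/Key used MD4/MD5 folded to 64 bits.
    """
    chain = [seed]
    for _ in range(n):
        chain.append(hashlib.sha256(chain[-1]).digest())
    return chain


class OTPVerifier:
    """Server side: holds only the last accepted chain value, never the seed."""

    def __init__(self, anchor: bytes):
        self.current = anchor

    def verify(self, candidate: bytes) -> bool:
        # Accept iff H(candidate) equals the stored value, then move the
        # stored value one step down the chain so the same password
        # (e.g. one captured by a sniffer) can never be accepted again.
        if hashlib.sha256(candidate).digest() == self.current:
            self.current = candidate
            return True
        return False


def demo() -> list:
    """Run three attempts: a valid login, a replay of the sniffed password, the next valid login."""
    seed = b"constructed-demo-seed"  # constructed sample value, not a real secret
    n = 5
    chain = skey_chain(seed, n)
    server = OTPVerifier(chain[n])          # server is provisioned with h^5(seed)
    sniffed = chain[n - 1]                   # the value an eavesdropper would capture
    results = [
        server.verify(sniffed),              # genuine use: accepted
        server.verify(sniffed),              # replay of the captured value: rejected
        server.verify(chain[n - 2]),         # next password in the chain: accepted
    ]
    return results


if __name__ == "__main__":
    print(demo())  # expected: [True, False, True]
```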