From owner-cvs-all Sun Dec 13 16:59:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA05643 for cvs-all-outgoing; Sun, 13 Dec 1998 16:59:20 -0800 (PST) (envelope-from owner-cvs-all@FreeBSD.ORG) Received: from jade.chc-chimes.com (jade.chc-chimes.com [206.67.97.83]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA05626 for ; Sun, 13 Dec 1998 16:59:12 -0800 (PST) (envelope-from billf@jade.chc-chimes.com) Received: from localhost (billf@localhost) by jade.chc-chimes.com (8.8.8/8.8.8) with SMTP id TAA17990; Sun, 13 Dec 1998 19:58:51 -0500 (EST) (envelope-from billf@jade.chc-chimes.com) Date: Sun, 13 Dec 1998 19:58:51 -0500 (EST) From: Bill Fumerola To: Marc Slemko cc: "David O'Brien" , committers@hub.freebsd.org Subject: Re: Swat teams (was: problem reports) In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk On Sun, 13 Dec 1998, Marc Slemko wrote: > > How does it authenticate? > > HTTP basic authentication done by the web server. Which would mean a lack of an audit trail (if we used one catch-all name/password). a chance of sniffing (unless we implment our own certificate which we then distribute or something) an excellent means to brute force freefall passwords. blocking some people from using it (some of us don't have freefall passwords, just ssh identity.pub) out-of-sync passwords (if we made different passwords for this as opposed to freefall passwords) I tend to be more open to Steve's ssh+gnatsd solution, even though I haven't seen it, on principle alone. - bill fumerola - billf@chc-chimes.com - BF1560 - computer horizons corp - - ph:(800) 252-2421 - bfumerol@computerhorizons.com - billf@FreeBSD.org - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message