Date: Tue, 7 Aug 2001 10:27:58 -0500 From: Dan Nelson <dnelson@emsphone.com> To: rsavage@nandomedia.com Cc: dannyman <dannyman@toldme.com>, questions@FreeBSD.ORG Subject: Re: NIS in FreeBSD Message-ID: <20010807102758.A6138@dan.emsphone.com> In-Reply-To: <Pine.LNX.4.33.0108070949030.22536-100000@ripley.nandomedia.com> References: <20010807014312.A14813@toldme.com> <Pine.LNX.4.33.0108070949030.22536-100000@ripley.nandomedia.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Aug 07), rsavage@nandomedia.com said: > I beg to differ! I just setup and tested two FreeBSD 4.3 machines. > One as a master NIS server, and the other as a NIS client. When I > changed my user's password on the client, I saw the "clear-text" > password while I was sniffing the box. Did I do something > diffrently? Or not complete? You are correct. During password changes, the password is sent in plaintext. The solution to this is to change your passwords only on the NIS master. During regular logins, only the encrypted password is sent, so the rest of dannyman's post applies with respect to DES vs MD5, etc. -- Dan Nelson dnelson@emsphone.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010807102758.A6138>