Re: Change Passwd Via Telnet through a Perl WWW Script
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, 29 Jul 2002 04:44 pm, Dave Swegen wrote:
> On Mon, Jul 29, 2002 at 03:10:21PM +0800, Grahame Bowland wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On Sat, 27 Jul 2002 04:31 am, Phillip Hofmeister wrote:
> > > All,
> > >
> > > I have been thinking about making a perl program that will open a
> > > socket to port 23 on the loopback and converse with login and passwd
> > > and change a password via a www page. Does anyone have comments about
> > > security implications of this? Does anyone have any feature requests?
> > > Does a similar program exist to anyone's knowledge?
> >
> > Take a look at poppassd, it's an easy way to do this sort of thing.
>
> Judging from the brief look I had at it I fail to see how it is more
> secure than running a telnet session, as all the data is still passed
> across the wire unencrypted. Or have I missed something?
The original question was about connecting over the loopback, so you don't
really need to worry about encryption. It does abstract things a bit; writing
a program to do;
USER username
PASS password
NEWPASS newpassword
is much easier than scripting for a shell over telnet and going through
expect, and you get defined error codes.
Cheers,
Grahame
- --
Grahame Bowland / "If computers get too powerful, we can organise them
/ into a committee -- that will do them in" - Bradley
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9RQ8gN7eIygKWKbARAif6AJ0WOaWShpiMwWJVhMHgb9PHew26SACfeQfw
Do9Zm2BPNCMGLOLygv8JZvQ=
=+733
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: