RE: How can I help ?

To: Alexander Hvostov <vulture@aoi.dyndns.org>
Cc: Ronny Adsetts <ronny.adsetts@camdenmusic.com>, debian-security@lists.debian.org
Subject: RE: How can I help ?
From: Ryan White <rwhite@collectivenet.net>
Date: Tue, 13 Jun 2000 15:46:12 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.4.21.0006131544410.10617-100000@merlin.collectivenet.net>
In-reply-to: <[🔎] Pine.LNX.4.21.0006131516100.14940-100000@cornerstone.core.aoi>

As I recall after windows 95 the passwords are sent over the line
encrypted. The encryption might be weak but they are not clear text
anymore. 

There is a switch in SMB to allow encrypted passwords. This is ON by
default in debian (I believe)

-Ryan

On Tue, 13 Jun 2000, Alexander Hvostov wrote:

> Ronny and all,
> 
> If you want to use LDAP, I suggest you do LDAP over SSL/TLS. The current
> OpenLDAP doesn't support it natively, but I believe there's a patch, and
> of course there's always wrappers like stunnel.
> 
> Of course, if you want to use user authentication from Windows, using PAM
> is more or less out of the question. LDAP, of course, is not, and neither
> is SSL/TLS.
> 
> By the way, Samba already is able to use LDAP for authentication, though
> it's not too great, last I checked. Maybe you fellows could work on
> it?
> 
> Finally, if any of you have any knowledge of programming Windows drivers,
> I suggest you write a replacement and/or hack for the "Client for
> Microsoft Networks" driver, so that it can talk to Samba over SSL/TLS,
> which would be a very nice thing to have. (I hate the idea of sending my
> password in the clear over a SMB connection...)
> 
> Regards,
> 
> Alex.
> 
> ---
> PGP/GPG Fingerprint:
>   EFD1 AC6C 7ED5 E453 C367  AC7A B474 16E0 758D 7ED9
> 
> -----BEGIN GEEK CODE BLOCK-----
> Version: 3.12
> GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w
> O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
> G e-- h++ r--- y
> ------END GEEK CODE BLOCK------
> 
> On Tue, 13 Jun 2000, Ronny Adsetts wrote:
> 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > <snip>
> > > One thing I am interested is, which ist AFAIK no
> > > implemented yet:
> > > Crossplattform userauthentication (win+unix),
> > > via LDAP.
> > 
> > This is a great idea. I am willing to help if pointed in the right
> > direction. I guess using PAM and Samba together with LDAP might be a
> > place to start.
> > 
> > Have perl, shell (bash) and some c skills, but always willing to
> > learn.
> > 
> > Ronny Adsetts
> > 
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP 6.5.1i for non-commercial use <http://www.pgpi.com/>
> > 
> > iQA/AwUBOUawvP4+LjEVAJSfEQJMUQCcDdBLxD1S7fkYhM9sniPedA1G3+cAoO57
> > hMtR+4P+qMsMXS5sNEc5Tyvq
> > =jQaV
> > -----END PGP SIGNATURE-----
> > 
> > 
> > --  
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> > 
> 
> 
> --  
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

Follow-Ups:
- RE: How can I help ?
  - From: Alexander Hvostov <vulture@aoi.dyndns.org>
- Re: How can I help ?
  - From: Sebastian Rittau <srittau@jroger.in-berlin.de>

References:
- RE: How can I help ?
  - From: Alexander Hvostov <vulture@aoi.dyndns.org>

Prev by Date: RE: How can I help ?
Next by Date: Re: How can I help ?
Previous by thread: RE: How can I help ?
Next by thread: RE: How can I help ?
Index(es):
- Date
- Thread