secure pilot access?
Edward Glowacki
glowack2@msu.edu
Thu, 13 Dec 2001 07:28:34 -0500
Quoted from Ben Pfaff on Thu, Dec 13, 2001 at 12:12:29AM -0800:
> Is there a way to update my Pilot webpage without sending a
> cleartext password over the Internet? At one time this didn't
> bother me, but it does now. Maybe I need to move it somewhere
> else.
> --
I think the current options for accessing your pilot space are:
AFS - uses kerberos, but I don't know enough of the internals to
know if your password is encrypted or not. Anyways, you can use
ARLA (or possibly OpenAFS) to mount you AFS space from anywhere (I
think anywhere on the internet).
SMB - The AFS machines run SAMBA, but I'm not sure if encrypted
passwords are available. \\afs.msu.edu\~username\ would be the
path (using windoze backslash notation).
FTP - Unencrypted passwords. blah.
I'll forward your question on to the people that would definately
know the answer and find out for ya, because I'm curious too...
Wouldn't it be great to have something like an SSL or SSH tunneled
file sharing protocol using the same general authentication mechanisms
SSH offers? That way you could have a "totally secure" network
filesystem and access it through password or public/private DSA
keys (i.e. for host-based authentication). I've been dreaming of
this for years...
--
Edward Glowacki glowack2@msu.edu
GLLUG Peon http://www.gllug.org
Imagination is the one weapon in the war against reality.
-- Jules de Gaultier