[1860] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Services not required?

daemon@ATHENA.MIT.EDU (Paul L. Schmidt)
Sun Jun 14 04:57:07 1998

Date: Wed, 10 Jun 1998 19:00:04 -0500 (EST)
From: "Paul L. Schmidt" <pschmidt@custom.net>
To: linux-security@redhat.com
In-Reply-To: <tcppop3.1323495@Viaduct.CUSTOM.NET>
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com

On 10 Jun 1998 tjw@CS.Stanford.EDU wrote:
> 
> Replace unencrypted telnet with telnet-98.02.16, which supports
> strong encryption via either SRP or Kerberos.  Run telnetd with
> the "-a valid" option in inetd, which will permit only secure
> connections to succeed.  The same applies to secure, SRP-enabled
> FTP.  Windows and Linux clients/servers are at
> <http://srp.stanford.edu/srp/>.

I don't believe I've seen OPIE mentioned in the discussion.  The
OPIE suite includes an ftp server (although not as full-featured
as wu-ftp), as well as a replacement login program.  An example
client is included that gives enough of an example to let me hack
it into a pop server (although it's not by any means the easiest
thing to use from the user's perspective).

And there is a pass-phrase 'calculator' for windows clients.

It's available at ftp://ftp.funet.fi/pub/unix/security/login/nrl-opie ,
and the official site is ftp://ftp.nrl.navy.mil/pub/security/opie ... but
I've never been able to get the latter site to work.

-ps

--
Paul Schmidt          <  ><               PSchmidt at Custom dot Net
Amateur Radio K9PS     ARRL Life Member     QCWA Life Member (26711)
Bloomfield, IN USA    Linux 2.0.34   web:viaduct.custom.net/pschmidt 
PGP 2.6 fingerprint: 24 9F D3 BD AE E3 50 72 23 AB A0 64 BB 9E 2B 8D

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post