[28430] in North American Network Operators' Group
Re: ABOVE.NET SECURITY TRUTHS?
daemon@ATHENA.MIT.EDU (Alec H. Peterson)
Sat Apr 29 11:28:03 2000
Message-ID: <390AFF05.4F31FEB9@hilander.com>
Date: Sat, 29 Apr 2000 09:25:57 -0600
From: "Alec H. Peterson" <ahp@hilander.com>
MIME-Version: 1.0
To: Alexei Roudnev <alex@genesyslab.com>
Cc: Paul Froutan <pfroutan@rackspace.com>, rmeyer@mhsc.com,
nanog@merit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
Alexei Roudnev wrote:
>
> Yes.
>
> And (I add) with priv-level.
Or with TACACS+ server-side modifications that allow you to use per-user
enable passwords (it isn't standard with the public domain server, but the
modifications are a piece of cake).
>
> But it's for the work from remote places - I don't thgink you'll use One Time Passwords (at least manually) for the every day
> configurations...
Don't be too sure; in a former life I did just that and it worked great
(using one-time passwords for enable access). Sure people complained for a
while, but once everybody gets used to it it's not a big deal.
Alec
--
Alec H. Peterson - ahp@hilander.com
Staff Scientist
CenterGate Research Group - http://www.centergate.com
"Technology so advanced, even _we_ don't understand it!"
