Complete.Org: Mailing Lists: Archives: freeciv-dev: August 2001:
[Freeciv-Dev] Re: Passwd auth with MD5 hash

To: freeciv-dev@xxxxxxxxxxx
Subject: [Freeciv-Dev] Re: Passwd auth with MD5 hash
From: Erik Sigra <sigra@xxxxxxx>
Date: Tue, 21 Aug 2001 21:50:41 +0200
Reply-to: sigra@xxxxxxx

On Tuesday 21 August 2001 at 21:45, you wrote:
> On Tue, 21 Aug 2001, Erik Sigra wrote:
> > > It doesn't add anything if you can't trust the server admin, since he
> > > can just modify the server to tell him the password when you enter it.
> >
> > Aren't passwords usually sent encrypted over networks? Then the server
> > admin can not modify the server to tell him the password. I don't know
> > how it was implemented in this patch, but if it is implemented at all
> > then it should be this way.
>
> Usually?  No, not usually.  But with ssh getting more common, cleartext
> passwords over the network are getting rarer.
>
> Still, even with ssh I can trojan the sshd on the other end to get the
> password.  Sending the password encrypted does no good except against
> sniffing attacks since the server has to decode the password to check it. 

Why would the server need to know the password to check it? Can't it just 
compare encrypted versions?
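
Added example, not part of the original message or of the Freeciv patch under discussion: two ways a server can check a password by comparing derived values, with the trade-off each one carries. It uses PBKDF2-HMAC-SHA256 instead of the MD5 named in the subject line, and all function names and the record layout are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def derive(password: str, salt: bytes) -> bytes:
    # Slow salted hash; this is the only thing the server stores.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_record(password: str) -> dict:
    """Account record (hypothetical layout): salt plus verifier, no plaintext."""
    salt = secrets.token_bytes(16)
    return {"salt": salt, "verifier": derive(password, salt)}

# Scheme A: the client sends the password over an encrypted channel.
# The server re-derives and compares hashes. Nothing recoverable is stored,
# but the running server process does see the password at login time.
def check_login(record: dict, submitted_password: str) -> bool:
    candidate = derive(submitted_password, record["salt"])
    return hmac.compare_digest(candidate, record["verifier"])

# Scheme B: challenge-response. The password never crosses the wire and a
# captured response cannot be replayed, because each login uses a fresh nonce.
def new_challenge() -> bytes:
    return secrets.token_bytes(16)

def response_from_verifier(verifier: bytes, challenge: bytes) -> bytes:
    return hmac.new(verifier, challenge, hashlib.sha256).digest()

def client_response(password: str, salt: bytes, challenge: bytes) -> bytes:
    return response_from_verifier(derive(password, salt), challenge)

def check_response(record: dict, challenge: bytes, response: bytes) -> bool:
    expected = response_from_verifier(record["verifier"], challenge)
    return hmac.compare_digest(expected, response)

# Caveat for scheme B: response_from_verifier() needs only the stored
# verifier, so that value is password-equivalent for this server and must be
# protected like a password. Scheme A avoids that but exposes the plaintext
# to the server process. Neither removes the need to trust the server.

if __name__ == "__main__":
    rec = make_record("correct horse")           # constructed sample password
    print("A accepts:", check_login(rec, "correct horse"))
    nonce = new_challenge()
    resp = client_response("correct horse", rec["salt"], nonce)
    print("B accepts:", check_response(rec, nonce, resp))
    print("B replay :", check_response(rec, new_challenge(), resp))
```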

