UMESH PANWAR
2008-Aug-26 03:53 UTC
[Fedora-directory-users] Directory server password security
Hi, We are using Fredora Directory server 7.1 for authentication of users, mail accounts and proxy authentication. Yesterday I have observed that passwords goes in plain-text and anyone can retrieve actual user name and password easily with using a software named cain. Can anybody suggest how can i secure user''s password so that the password should travel in encrypted form. I am new with fedora-ds so please explain me in detail. Regards Umesh Umesh Panwar +91-9829857475
Russell Miller
2008-Aug-26 04:37 UTC
Re: [Fedora-directory-users] Directory server password security
UMESH PANWAR wrote:> Hi, > > We are using Fredora Directory server 7.1 for authentication of users, > mail accounts and proxy authentication. Yesterday I have observed that > passwords goes in plain-text and anyone can retrieve actual user name > and password easily with using a software named cain. > > Can anybody suggest how can i secure user''s password so that the > password should travel in encrypted form. > > I am new with fedora-ds so please explain me in detail. > >Unfortunately I don''t have time to explain to you in detail. But I can point you in the right direction. Probably the best and most secure way to do it is to set up SSL between the client and the server. This is going to take you a while to set up in the beginning, but once you have your CA and signing key, things will get much easier. --Russell
Chun Tat David Chu
2008-Aug-27 14:31 UTC
Re: [Fedora-directory-users] Directory server password security
To enable SSL on Fedora Directory Server, take a look at the Administrator Manual for Red Hat Directory Server 7.1 You can find the manual from below website http://www.redhat.com/docs/manuals/dir-server/ - dc On Tue, Aug 26, 2008 at 12:37 AM, Russell Miller <duskglow@gmail.com> wrote:> UMESH PANWAR wrote: > >> Hi, >> >> We are using Fredora Directory server 7.1 for authentication of users, >> mail accounts and proxy authentication. Yesterday I have observed that >> passwords goes in plain-text and anyone can retrieve actual user name and >> password easily with using a software named cain. >> Can anybody suggest how can i secure user''s password so that the password >> should travel in encrypted form. >> >> I am new with fedora-ds so please explain me in detail. >> >> >> Unfortunately I don''t have time to explain to you in detail. But I can > point you in the right direction. Probably the best and most secure way to > do it is to set up SSL between the client and the server. > > This is going to take you a while to set up in the beginning, but once you > have your CA and signing key, things will get much easier. > > --Russell > > -- > Fedora-directory-users mailing list > Fedora-directory-users@redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users >