nis security (DES passwords)

Tillman Hodgson tillman at
Sat Sep 13 12:36:27 PDT 2003

On Sat, Sep 13, 2003 at 05:01:31PM +0200, Guy Van Sanden wrote:
> I was looking arround for this, and I found that Kerberos uses DES
> encryption, John (on my sytem) reports it rather weak:
> I'm now using MD5 passwords in NIS.
> Yet it seems the consensus that Kerberos is secure, am I missing
> something?

Yes :-)

1. Kerberos can use a variety of encryption methods
2. With NIS, arbitrary users can run John against the password database.
   With Kerberos, they can't because they don't have the Kerberos
   database to run John against.


Beauty is not diminished by being shared.
	- Robert Heinlein

More information about the freebsd-questions mailing list