nis security (DES passwords)
horio shoichi
bugsgrief at bugsgrief.net
Sat Sep 13 22:16:52 PDT 2003
On Sat, 13 Sep 2003 17:01:31 +0200
Guy Van Sanden <n.b at myrealbox.com> wrote:
> I was looking arround for this, and I found that Kerberos uses DES
> encryption, John (on my sytem) reports it rather weak:
>
<clip>
>
> Yet it seems the consensus that Kerberos is secure, am I missing
> something?
>
1. Krb5 uses default salted 3DES. In addition, as Tillman wrote, krb5
allows other ciphers.
2. Even krb4, which uses unsalted DES, is considered difficult to crack
because it does not expose ciphered text (i.e., passwd). On the wire,
on the local files.
horio shoichi
More information about the freebsd-questions
mailing list