Subject: | |
From: | |
Reply To: | |
Date: | Wed, 2 Apr 1997 17:07:33 +0200 |
Content-Type: | text/plain |
Parts/Attachments: |
|
|
At 00:28 02.04.1997 -0500, Jeff Kell wrote:
>
>[Lots snipped]
ditto
>The bottom line here is "authentication".
This reminds me of something I read in the Samba docs... I think it is
also able to query an NT server for user authentication (the related
directive in the smb.conf is security=server) but this seems to require
to compile Samba with an encryption library.
I have never spent time on that one because I'm not too familiar with
encryption and because I'm not a lawyer ;-) and thus do not know what
could happen if I picked up the LibDES library (somewhere in .edu.au
as far as I recall) and added it to Samba/iX -- any volunteers here??
(I'm in Germany but Jazz or ftp.3k.com would be in the US area...
and furthermore I do not know which route my internet access takes)
>DCE promises some distributed authentication (with programmatic access
>by applications) but hasn't exactly taken off like a rocket.
I'm not familiar with DCE -- is it "lean" and "easy to use/admin" ??
> ..... Typical /etc/passwd schemes such as Lars suggested are a
>start, but prone to crack attacks if someone gets your /etc/passwd
>file. Shadow passwords then come into play as well. Some scheme might
>work internally to the 3000, but can it be exported?
What are shadow passwords?? Using a "secret" /etc/somewhere/else/passwd?
>Please be careful about any shortcuts you take here to simplify things.
Yes, and the more replies I get on this thread, the more I learn that
most things I thought would be a "problem" can be avoided or worked around
with features that are already available in Samba "as is".
Thanks, Lars.
|
|
|