The issue is, that the default setup uses /etc/shadow for ssh, ftp, samba
& al. It is an extra effort to setup and maintain passwords in different
files. Apache has a different file by default.
Let this compare to Lotus Notes. When you define a user there, the system
prompts you for two different passwords. One to be used for the ID-file
that contains the private key (and is never transmitted anywhere from the
local system) and another one, that is used for HTTP basic authentication.
This is easy to understand for novice admins and little extra effort.
So, my on my whishlist to Easter Bunny:
1. Suse will add an installation/config option to make a separate pw-db
for samba and proftpd (and maybe others)
2. Suse will add a list of passwords for different packages into yast user
management.
Rainer
"OKDesign oHG Security Webmaster"
I just thought to myself:
Why is this insecure? If you login by SSH to do remote maintenance, then true, anyone who sniffs your in the clear ftp and pop passwords can login as you.
But they can only login as you the USER. They can never sniff the root password, as your "su root" password is always encrypted.
....
and then the penny dropped.
If someone ever logs into your user account. And then you login after they have done their mischief, and su, then you have just given away the crown jewels. Oh well.
Just one thought: On our system the only possibility to log in and work on the shell is SSH with RSA-authentification. So, if someone sniffs the "normal" password, okay, he can get access to the emails and for ftp-access. But NOT for any works on the system itself. Because to log in with SSH, there is a different password necessary. So, okay, this is not really secure, but at least no one can really harm the system. Or am I wrong ??? --- Stephan --------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com