Hi,

I disagree.

It is a security issue to have a password stored in clear-text.

I think the way to do it is to use birdcl to enter the password but then store it in some type of encrypted form. Perhaps separately from the bird.conf.

Even loose encryption like XORing or something would be better than storing a password in clear-text.

For real production deployments of bird this needs to be a consideration.

That is my feeling.

Thanks!
Christopher


On 4/23/15 10:23, Ondrej Zajicek wrote:
> On Thu, Apr 23, 2015 at 10:05:21AM -0700, Christopher Jay Manders wrote:
>> Hi,
>>
>> I am not sure if this has been brought up before, but it is very sad that
>> the password for BGP AUTH is in clear-text.
>>
>> Is there anything in progress to rectify or discussion about this?
>
> Hi
>
> There is not much to discuss. Because of the way it is used, the
> password must be in clear-text-recoverable form. The bird.conf
> could be protected by unix access rights if necessary.
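
The access-rights protection mentioned in the quoted reply, as an added example that is not part of the original thread and not BIRD project code: a small audit that flags a config file containing a `password "...";` line when it is readable or writable beyond its owner, then tightens it. The function names, the 0600 target mode and the sample config are assumptions constructed for illustration.

```python
import os
import re
import stat
import tempfile

# Matches a BGP password option as written in a BIRD config: password "secret";
PASSWORD_RE = re.compile(r'^\s*password\s+"[^"]*"\s*;', re.MULTILINE)


def audit_config(path):
    """Return findings for a config file that holds a cleartext secret."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        if not PASSWORD_RE.search(fh.read()):
            return []  # no secret in the file, nothing to report
    findings = []
    if mode & stat.S_IROTH:
        findings.append("world-readable")
    if mode & stat.S_IWOTH:
        findings.append("world-writable")
    if mode & (stat.S_IRGRP | stat.S_IWGRP):
        # Only acceptable when the group is dedicated to the routing daemon.
        findings.append("group-accessible")
    return findings


def harden(path):
    """Restrict the file to its owner (assumed target mode: 0600)."""
    os.chmod(path, 0o600)


def demo():
    # Constructed sample config, not taken from a real deployment.
    sample = 'protocol bgp peer1 {\n    password "constructed-example";\n}\n'
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "bird.conf")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(sample)
        os.chmod(path, 0o644)  # a common default that exposes the secret
        before = audit_config(path)
        harden(path)
        after = audit_config(path)
    return before, after


if __name__ == "__main__":
    print(demo())
```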


