Re: security probs with su (sh-utils 1.16)

MoiN On Fri, Mar 24, 2000 at 09:38:33PM -0700, Nathan Paul Simons wrote: > - - Forwarded message from Javor Ninov <[EMAIL PROTECTED]> - [...] > Tested on SlackWare 7.0 2.2.14 > After short time this will crash Linux box: > su `cat /dev/urandom` > /dev/null |< su `cat /dev/urandom`& > > fo

Re: One Time Password support in debian

YAO -- yet another option -- is to carry a Linux microdistribution including ssh support. The LinuxCare bootable business card doesn't include SSH, but comes with an installer which works like a charm in most instances. If you can find a system with a network connection and an accessible cdrom dr

Re: One Time Password support in debian

On Fri, Mar 24, 2000 at 11:40:06PM +0100, [EMAIL PROTECTED] wrote: > Hello, > > An other solution to your problem could be to use a java-applet ssh client. > Then you could use ssh to login from any java enabled browser in the world, > and you dont have to worry about one time passwords at all.

Re: One Time Password support in debian

that solution has its problems. public key cryptography implimented in java is vulnerable to man-in-the-middle attacks unless it is able to save some data to disk between sessions. i'm not an expert in ssh (or java really) but i recall threads about this. no computer is secure, really. your best be

PAM+Kerberos ..?

Greetings, Would anyone happen to know why there doesn't seem to be a pam_krb4.so PAM module, as described in the manual? Regards, Alex. -BEGIN GEEK CODE BLOCK- Version: 3.12 GCM d- s:+ a--- C UL P L+++ E W++ N o-- K- w O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+ G e-- h++

Re: security probs with su (sh-utils 1.16)

Previously Ethan Benson wrote: > as for redhat i think they use GNU su do they not? we (and presumably > slack) are using the simple shadow su (why?). Better PAM support iirc. Wichert. -- / Generally uninteresting signature -

Re: security probs with su (sh-utils 1.16)

On Fri, Mar 24, 2000 at 09:38:33PM -0700, Nathan Paul Simons wrote: > Has anyone else seen this? i tested it with the latest shellutils > from the frozen dist, and it appears to work. It should also be noted > that i tested this on my alpha box (running RedHat 6.1) and it didn't do > anythi

security probs with su (sh-utils 1.16)

-BEGIN PGP SIGNED MESSAGE- Has anyone else seen this? i tested it with the latest shellutils from the frozen dist, and it appears to work. It should also be noted that i tested this on my alpha box (running RedHat 6.1) and it didn't do anything except give an error message. The