At 06:52 PM 4/3/01 -0400, you wrote:
>from the secret journal of Mac Reiter ([EMAIL PROTECTED]):
> > VNC only uses the first 8 characters of the password, to maintain
>> compatibility with some old pathetic implementation of a password routine
>> on one of the hundreds of platforms that it supports. Since your password
>> is 9 characters long, you could put anything you want for the last
>> character. And it doesn't matter what the preceding characters were. I
>> have noticed that when my password is longer than 8 characters, I have to
>> enter at least 9 characters for it to be accepted. I have not tested to
>> see if the 9th character can be random.
>
>so vnc uses crypt()? i thought it used a challenge-response system of the
>author's own design.
First off, I should point out that the statement of maintaining
compatibility with crypt() was due to some foggy recollections of
statements made on the list last month. If the surrounding memories are
also correct, it isn't exactly that it _uses_ crypt, but it deliberately
works in a comparable way. Or something like that.
I'm doing some modifications for other reasons to vncviewer, and yesterday
I ran across the code that trims the password down to 8 characters. I
didn't explore much around there, though.
_____________________________ /"\
Mac Reiter \ / ASCII Ribbon Campaign
Nomadics, Inc. X Against HTML Mail
[EMAIL PROTECTED] / \
---------------------------------------------------------------------
To unsubscribe, send a message with the line: unsubscribe vnc-list
to [EMAIL PROTECTED]
See also: http://www.uk.research.att.com/vnc/intouch.html
---------------------------------------------------------------------
