boot time startup requires password

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Brian Jones wrote:

>Thanks, Kevin. 
>
>Can I make a feature request to whoever sees this that is way better
>at Java/C than me to at least make the stored password crypted in
>something stronger than rot13?
>  
>
What would you suggest?  Note that a determined attacker will be able to 
decode anything that could be done without a key, especially since the 
source code is available.

>
>
>On 7/8/05, Kevin Myer <kevin_myer at iu13.org> wrote:
>  
>
>>http://www.redhat.com/docs/manuals/dir-server/ag/intro.htm#39523
>>
>>NB:  you trade the ease of startup with a security risk, in that your
>>keyphrase
>>is stored in a file cleartext.
>>
>>Kevin
>>
>>Quoting Brian Jones <bkjones at gmail.com>:
>>
>>    
>>
>>>Hi all.
>>>
>>>I hit a snag yesterday when I rebooted my directory server box
>>>(running RHEL 4). The problem is that I'm using SSL/TLS, and that
>>>means that every time I restart the directory server I have to provide
>>>the password for the certificate database. Now, I *know* that this
>>>would never stand in a large production environment, so I can only
>>>imagine that I missed some essential piece of documentation on how I
>>>can use SSL/TLS, but not be forced to provide a password every time
>>>the server starts.
>>>
>>>Could someone provide a link to the doc that addresses this, or does
>>>someone have some clue they could provide for my feeble brain?
>>>
>>>Thanks.
>>>
>>>--
>>>Fedora-directory-users mailing list
>>>Fedora-directory-users at redhat.com
>>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>>
>>>      
>>>
>>
>>--
>>Kevin M. Myer
>>Senior Systems Administrator
>>Lancaster-Lebanon Intermediate Unit 13  http://www.iu13.org
>>
>>
>>--
>>Fedora-directory-users mailing list
>>Fedora-directory-users at redhat.com
>>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>>
>>    
>>
>
>--
>Fedora-directory-users mailing list
>Fedora-directory-users at redhat.com
>https://www.redhat.com/mailman/listinfo/fedora-directory-users
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20050708/3db753db/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3312 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20050708/3db753db/attachment.bin
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux