Re: PAM configuration?

On 1/5/2010 7:31 AM, Kai Schaetzl wrote:
> For what do you need the hash? You don't supply the hash for logging in.
>

In the case of SSH login, you are correct that the hash is not used to 
log in.  But the attacker may find a way to read the hash out of the 
/etc/shadow file, or the same password is used in other places and also 
stored with an MD5 hash.

A lot of things would have to go wrong for a remote attacker to get 
access to /etc/shadow - but it's been known to happen.

(Personally, I always move the SSH port to something other than 22 and 
we only allow authentication via public keys over the external port.)
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
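
A defender's check related to the concern in the message above, added here as an example and not part of the original post: it classifies the hash scheme of each shadow entry and reports accounts still stored as md5-crypt (`$1$`) or legacy DES crypt. The sample lines and the names `classify` and `audit` are constructed for illustration; the hash strings are placeholders, not real hashes.

```python
# Added example: report shadow entries that still use a weak hash scheme.
# Scheme identifiers are the standard crypt(3) "$id$" prefixes.
SCHEMES = {
    "1": "md5-crypt",
    "2a": "bcrypt", "2b": "bcrypt", "2y": "bcrypt",
    "5": "sha256-crypt",
    "6": "sha512-crypt",
    "y": "yescrypt",
}
WEAK = {"md5-crypt", "des-crypt"}

# Constructed sample in /etc/shadow format (placeholder salts and hashes).
SAMPLE_SHADOW = """\
root:$6$CONSTRUCTEDSALT$CONSTRUCTEDHASHVALUE:14614:0:99999:7:::
alice:$1$CONSTRSA$CONSTRUCTEDHASHVALUE00:14614:0:99999:7:::
bob:!!:14614:0:99999:7:::
carol:!$1$CONSTRSA$CONSTRUCTEDHASHVALUE00:14614:0:99999:7:::
daemon:*:14614:0:99999:7:::
legacy:abCONSTRUCTED:14614:0:99999:7:::
"""

def classify(field):
    """Return (scheme, locked) for the password field of one shadow line."""
    if field == "":
        return ("empty", False)          # no password required at all
    locked = field.startswith("!")       # '!' prefix marks a locked password
    body = field.lstrip("!")
    if body == "" or body.startswith("*"):
        return ("none", locked)          # no usable hash stored
    if body.startswith("$"):
        ident = body.split("$")[1]
        return (SCHEMES.get(ident, "unknown"), locked)
    if len(body) == 13:
        return ("des-crypt", locked)     # traditional 13-character crypt
    return ("unknown", locked)

def audit(shadow_text):
    """List (user, scheme, locked) for every entry stored with a weak scheme."""
    findings = []
    for line in shadow_text.splitlines():
        if not line.strip() or ":" not in line:
            continue
        user, field = line.split(":")[:2]
        scheme, locked = classify(field)
        if scheme in WEAK:
            # A locked account is still reported: the hash remains on disk.
            findings.append((user, scheme, locked))
    return findings

if __name__ == "__main__":
    for user, scheme, locked in audit(SAMPLE_SHADOW):
        print(f"{user}: {scheme}{' (locked)' if locked else ''}")
```

To run it against a real system, pass the contents of `/etc/shadow` (readable only by root) to `audit` instead of the sample.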
