On 1/5/2010 7:31 AM, Kai Schaetzl wrote: > For what do you need the hash? You don't supply the hash for logging in. > In the case of SSH login, you are correct that the hash is not used to login. But the attacker may find a way to read the hash out of the /etc/shadow file, or the same password is used in other places and also stored with a md5 hash. A lot of things would have to go wrong for a remote attacker to get access to /etc/shadow - but it's been known to happen. (Personally, I always move the SSH port to something other then 22 and we only allow authentication via public keys over the external port.) _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: PAM configuration?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: centos@xxxxxxxxxx
- Subject: Re: PAM configuration?
- From: Thomas Harold <thomas-lists@xxxxxxxxxx>
- Date: Tue, 05 Jan 2010 09:49:21 -0500
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <VA.00003919.7b4a904b@xxxxxxxxxxxxxxxxxx>
- References: <SNT121-DS162EF1C03566BFE38AFCD8A740@xxxxxxx> <4B432094.30206@xxxxxxxxxx> <VA.00003919.7b4a904b@xxxxxxxxxxxxxxxxxx>
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.7) Gecko/20100101 Shredder/3.0.1pre
- References:
- PAM configuration?
- From: Roland Roland
- Re: PAM configuration?
- From: Thomas Harold
- Re: PAM configuration?
- From: Kai Schaetzl
- PAM configuration?
- Prev by Date: Re: Weird update problem
- Next by Date: Re: Weird update problem
- Previous by thread: Re: PAM configuration?
- Next by thread: OT: piped greps with regex
- Index(es):
 |