tor 2006-04-06 klockan 14:37 +0700 skrev Arianto C Nugroho: > In my university case, using a digest password is unacceptible because it will > break compability with other system. And also it will allow the sys-admin to > know the user's password. If your user directory is a good one it should be possible to extend the password storage to additionally store a Digest password hash solving the above problems. > So what we do, is we make a simple web-login (https) and combined it with > iptables. Please note that this is limited to single-user clients only. If there is multi-user station (such as UNIX servers, Windows Terminal Server etc) then this IP based scheme will obviously fail. If you have multi-user stations, child proxies, internal NAT devices or other situations where multiple users will come to your cache from the same IP then the above scheme will not work very well as it sees them all as the same user (the first one who logged in). Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
