From: | Peter Mount <petermount(at)it(dot)maidstone(dot)gov(dot)uk> |
---|---|
To: | "'Hannu Krosing'" <hannu(at)tm(dot)ee>, Peter Mount <petermount(at)it(dot)maidstone(dot)gov(dot)uk> |
Cc: | "'Henk van Lingen'" <henkvl(at)cs(dot)uu(dot)nl>, pgsql-interfaces(at)postgresql(dot)org |
Subject: | RE: ODBC and crypted passwords |
Date: | 2000-04-12 10:59:19 |
Message-ID: | 1B3D5E532D18D311861A00600865478C70C449@exchange1.nt.maidstone.gov.uk |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-interfaces |
Thats why I said its for the future :-)
I always use crypt if it's going outside the server, so some form of
encrypted transport is required. Anyhow, the main reason I mentioned
PAM, is that not every platform would have a password file (NT for
example, although you can configure one in cygwin).
Peter
--
Peter Mount
Enterprise Support
Maidstone Borough Council
Any views stated are my own, and not those of Maidstone Borough Council.
-----Original Message-----
From: Hannu Krosing [mailto:hannu(at)tm(dot)ee]
Sent: Wednesday, April 12, 2000 10:47 AM
To: Peter Mount
Cc: 'Henk van Lingen'; pgsql-interfaces(at)postgresql(dot)org
Subject: Re: [INTERFACES] ODBC and crypted passwords
Peter Mount wrote:
>
> One thing that may be useful, is not to check against the unix
password
> file, but to use PAM. That way, you could even authenticate against
the
> dreadded NT accounts, unix password file, dbm file etc...
>
> Anyhow, this is something to think about for the future ;-)
IMHO this defeats the purpose of crypt - not to send plaintext passwords
over the net.
OTOH, it could be done over a secure (SSL/TLS) channel of course.
-----------
Hannu
From | Date | Subject | |
---|---|---|---|
Next Message | Patrick Welche | 2000-04-12 13:22:58 | Re: ODBC and crypted passwords |
Previous Message | Peter Mount | 2000-04-12 10:13:27 | RE: ODBC and crypted passwords |