[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] How do we shadow these passwords?

Subject: Re: [cobalt-security] How do we shadow these passwords?
From: Rod Todd <rodd_todd_1999@xxxxxxxxx>
Date: Fri, 6 Oct 2000 17:04:22 -0700 (PDT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

>Before you worry about that, I'd suggest changing all
>the passwords on the box asap, since it'd take about
>a day to crack the details you've just given out.

Our machine has no connection to the outside Internet,
though thanks for the word of caution.

>As far as I recall, previous releases didn't used to
>use shadow passwords.  You could try and manually
>compile the shadow'ed utils (passwd, login etc), but
>it'd be messy, and you've have to convert
>/etc/passwd to /etc/shadow manually and such

Is a temporary solution to disable telnet, and allow
only SSH.  Is there a way to only allow admin to SSH
in- do you know the config file to set it?  ssh_config
can allow the root user to log in; didn't find
anything on allowing certain users though.

Warm Regards,

(P.S. I think the ssh mailing list kicked us off
because we posted the previous message with out
passwords; again, we mentioned that our machine has no
connection to the outside world so there is no reason
to be concerned).

__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

Prev by Date: [cobalt-security] Passwd File
Next by Date: [cobalt-security] Security Alert on MIPS based Cobalts
Previous by thread: Re: [cobalt-security] How do we shadow these passwords?
Next by thread: [cobalt-security] Re: cobalt-security -- confirmation of subscription -- request 477957

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index