[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] Mutiple Passwords for each user on the Raq ??
- Subject: [cobalt-security] Mutiple Passwords for each user on the Raq ??
- From: Kul <WebMaster@xxxxxxx>
- Date: Mon, 15 Jan 2001 15:49:24 +0000
- Organization: Qax
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
[REPOSTED as it never arrived on saturday, appologies if it later duplicates]
Hi all,
I have 2 questions below regarding the Raq3 and users Passwords:
I have browsed a Linux and Apache manual, but find nothing understandable (new to Linux still) that gives me any pointers, and am hoping that someone in this list may have seen/heard of this before. <preying>
Q1. Is it possible to set up user accounts, giving them different passwords for different services on the Raq, i.e. Email, FTP, SSH .......
I guess your first question is "why?" Well I come from a mainframe environment and have seen the impressive advantages of being able to have different passwords for different services and the ability stop hacking from spreading quickly to other services. (Damage Control)
The POP email and GUI logins (in fact all logins) concern me a little in that encryption is not mandatory, so my feeling is that if my users have a SMALL selection of services with different passwords, if one password (i.e. email) is compromised, a would be hacker does not immediately gain access to SSH / FTP etc. etc., and is limited to the current service and its privileges.
Q2. Is there any software on the Raq/Linux that is able to inform a user that their password has not been changed for a specified length of time? And subsequently close/suspend the account if the password is not changed within a specified time limit.
Regards
Kul