Open Source and information security mailing list archives
Message-ID: <00d801c32ac6$413e50c0$0101000a@me>
From: pablo_sole at myp.net.ar (Pablo Solé)
Subject: Re: IRCXpro 1.0 - Clear local and default remote admin passwords

> Many programs need a private key for encryption.  Possession of this key is usually part if not all of the decision for authentication.  
> 
> The only relatively safe way of maintaining this key on disk is to encrypt it and require a decryption password from the user when starting the process.  
> 
> Unfortunately, system admins have a beef with servers that restart and require an operator to input a password to get the services up, especially in production environments.

An example of this is when you run an HTTPS server with a signed cert and a non-empty passphrase. You need to put in the key every time you restart the service.

IMHO, a solution could be some kind of hard-key (EEPROM connected to the parallel port).

pablo.