Re: S/Key and OPIE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: S/Key and OPIE
From: Florin Andrei <florin@xxxxxxxxxxxxxxx>
Date: Sun, 25 Dec 2005 11:03:23 -0800
In-reply-to: <200512250543.18972.mafia_rgd@xxxxxxx>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <https://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <200512250543.18972.mafia_rgd@xxxxxxx>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

On Sun, 2005-12-25 at 05:43 +0500, Sergey wrote:

> Also, is Fedora willing to change from MD5 password crypts? It appears be very 
> weak against brute-force attacks - I cracked *ALL* my system/user password 
> (~20) within a night (got plain-text passwords) with a help of jack and a 
> simple shell script. 

All encryption algorithms are equally vulnerable against non-crypto
attacks such as brute force. You're not attacking the encryption per se.

> (*) Keep this in mind - once I own you /etc/shadow file, I know all your 
> *REAL* passwords.

Obviously.

-- 
Florin Andrei

http://florin.myip.org/

References:
- S/Key and OPIE
  - From: Sergey

Prev by Date: Re: multimedia program
Next by Date: Re: Converting PS and PDF to HTML
Previous by thread: S/Key and OPIE
Next by thread: bind update - naughty - removed wroking named.conf
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]