smbsh and others.
Alexandre Oliva
oliva at dcc.unicamp.br
Wed Oct 7 11:03:01 GMT 1998
Luke Kenneth Casson Leighton <lkcl at switchboard.net> writes:
> On 6 Oct 1998, Alexandre Oliva wrote:
>> Luke Kenneth Casson Leighton <lkcl at switchboard.net> writes:
>> > that's why i said 700 permissions on the ~/.smb directory.
>> That won't do if you don't trust the local sysadmin and you're willing
>> to access remote filesystems. In fact, if the sysadmin really wants
>> to steal your password, s/he can do that no matter how much you try to
>> prevent it, but why shouldn't we make her/his job harder? :-)
> same applies to ~/.ssh and the private key.
The private key in ~/.ssh is encrypted using the user's password as a
key. Furthermore, I'm not sure about the protocol between ssh-agent
and ssh, but I think it is also encrypted using session keys. Which
doesn't mean the super-user cannot break them if s/he wishes, just
that his job is much harder.
--
Alexandre Oliva
mailto:oliva at dcc.unicamp.br mailto:oliva at gnu.org mailto:aoliva at acm.org
http://www.dcc.unicamp.br/~oliva
Universidade Estadual de Campinas, SP, Brasil
More information about the samba-technical
mailing list