hamilton@harrison.cs.unc.edu (Johnny Hamilton) (03/04/89)
title: password distribution mechanism sought
QUESTION:
I would like to locate a utility that would allow users to
change their password on one machine (in this case a VAX 6310
running ULTRIX), and have that change automatically propagated
to all the other department machines on which they have accounts.
This does not necessarily mean that the user will have an active
account on the "password server", but will have an entry in
/etc/passwd for propagation/consistency.
Optimally, this utility would distribute the encoded password
so that our programs that search for easy-to-break passwords would
only have to work on one encryption for each user.
Our department has a large number and variety of UNIX machines,
including suns, VAXes, and a Data General. All but the DG run some
version of BSD UNIX (ULTRIX, 4.3 Mt. Xinu, SUN/OS), and the DG runs
DG/UX, a System V/4.2 combination. The suns have a common user
community, but each of the other machines has a separate set of users
and therefore a separate password file.
While we have the ability to use the yellow pages, the different
users on each machine make this undesirable.
I would like to hear from anyone who has installed such a system.
Thanks in advance.
Johnny D. Hamilton
Research Assistant
University of North Carolina at Chapel Hill
hamilton@cs.unc.edu
Makey@LOGICON.ARPA (Jeff Makey) (03/04/89)
In article <7078@thorin.cs.unc.edu> hamilton@harrison.cs.unc.edu (Johnny Hamilton) writes:
> Optimally, this utility would distribute the encoded password
> so that our programs that search for easy-to-break passwords would
> only have to work on one encryption for each user.
Of course, this also means that *their* (the bad guys') programs that
search for easy-to-guess (and not-so-easy-to-guess) passwords would only
have to work on one encryption for each user. Actually, the only place
you would have to run your guesser is at the password server node, since
you would know that any password guessed there would be on all the other
machines as well. The bad guys would know this too, naturally.
I hope you have taken into consideration the security risks of using
the same password on more than one machine, since this must be weighed
against the convenience of this scheme.
:: Jeff Makey
Department of Tautological Pleonasms and Superfluous Redundancies Department
Disclaimer: Logicon doesn't even know we're running news.
Internet: Makey@LOGICON.ARPA UUCP: {nosc,ucsd}!logicon.arpa!Makey
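The utility the original post asks for, sketched here as an added example; it is not code from any poster in this thread. It assumes 7-field /etc/passwd lines with the encoded password in the second field, the same crypt(3) on every host so the encoded string is portable, and that the master file is the "password server" copy. Only the password field of accounts that already exist on the target host is rewritten: no accounts are created, local-only accounts are left alone, and per-host administrative accounts (root here) are never pushed. The file contents and hashes are constructed sample data.

```python
"""Propagate encoded passwords from a master passwd file to a host's
passwd file (added example, not from the thread).  Assumes the BSD
7-field layout  login:passwd:uid:gid:gecos:dir:shell  and a common
crypt(3) on all hosts.  Sample data below is constructed."""
import os
import tempfile

# Constructed master ("password server") file.
MASTER = """\
root:MASTERHASH0:0:0:Charlie Root:/:/bin/csh
hamilton:MASTERHASHjdh:1001:20:Johnny Hamilton:/u/hamilton:/bin/csh
alice:MASTERHASHa:1002:20:Alice:/u/alice:/bin/sh
bob:MASTERHASHb:1003:20:Bob:/u/bob:/bin/csh
"""

# Constructed target host: hamilton's hash is stale, bob has no account
# here, carol exists only here and is not on the master.
TARGET = """\
root:MASTERHASH0:0:0:Charlie Root:/:/bin/csh
hamilton:OLDHASHjdh:1001:20:Johnny Hamilton:/u/hamilton:/bin/csh
alice:MASTERHASHa:1002:20:Alice:/u/alice:/bin/sh
carol:LOCALHASHc:1004:20:Carol:/u/carol:/bin/csh
"""


def parse_passwd(text):
    """Split passwd text into lists of 7 fields; reject malformed lines
    rather than silently writing a broken file back."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError("line %d: expected 7 fields, got %d"
                             % (lineno, len(fields)))
        entries.append(fields)
    return entries


def propagate(master_text, target_text, skip=("root",)):
    """Return (new_target_text, report).  Touches only the password
    field of logins present on both files; `skip` lists logins whose
    passwords stay host-local and are never overwritten."""
    master = {f[0]: f[1] for f in parse_passwd(master_text)}
    target = parse_passwd(target_text)
    report = {"updated": [], "unchanged": [], "local_only": [], "skipped": []}
    out = []
    for fields in target:
        login = fields[0]
        if login in skip:
            report["skipped"].append(login)
        elif login not in master:
            report["local_only"].append(login)        # leave untouched
        elif fields[1] != master[login]:
            fields[1] = master[login]                 # push new hash
            report["updated"].append(login)
        else:
            report["unchanged"].append(login)
        out.append(":".join(fields))
    # Master logins with no entry here get nothing: no account is created.
    here = {f[0] for f in target}
    report["no_account_here"] = sorted(set(master) - here - set(skip))
    return "\n".join(out) + "\n", report


def write_atomically(path, text):
    """Write via a temp file in the same directory and rename, so a
    crash mid-write never leaves a truncated passwd file."""
    d = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=d, prefix=".passwd.")
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)


if __name__ == "__main__":
    new_text, report = propagate(MASTER, TARGET)
    for key, logins in sorted(report.items()):
        print("%-16s %s" % (key + ":", " ".join(logins) or "-"))
```

Run against real files, `write_atomically` replaces the target only after `propagate` has parsed every line successfully, so a malformed entry aborts the whole update instead of corrupting part of it.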
rbj@dsys.icst.nbs.gov (Root Boy Jim) (04/04/89)
? From: Jeff Makey <Makey@logicon.arpa>
? I hope you have taken into consideration the security risks of using
? the same password on more than one machine, since this must be weighed
? against the convenience of this scheme.
? :: Jeff Makey
? Department of Tautological Pleonasms and Superfluous Redundancies Department
? Disclaimer: Logicon doesn't even know we're running news.
? Internet: Makey@LOGICON.ARPA UUCP: {nosc,ucsd}!logicon.arpa!Makey
I must regrettably disagree with my former colleague on the security
risks. It depends on what assumptions you make. If your users use .rhosts,
then one password is actually safer. Multiple passwords give the bad guys
multiple targets, any of which would allow access to all machines.
To answer the guy's original question, you can run Yellow Pages if you
have Suns, or people who are tracking Sun's NFS/RPC/XDR networking
software, such as Sequent. However, YP is fraught with its own problems,
such as not working well with nameservers.
Don Libes <libes@cme.nbs.gov> just posted a network wide password checker
to (whatever they call) net.sources (these days) which might also help.
Catman Rshd <rbj@nav.icst.nbs.gov>
Author of "The Daemonic Versions"
jim@cs.strath.ac.uk (Jim Reid) (04/05/89)
In article <18929@adm.BRL.MIL> rbj@dsys.icst.nbs.gov (Root Boy Jim) writes:
>.......................... However, YP is fraught with its own problems,
>such as not working well with nameservers.
This is an understatement to say the least. YP is riddled with so many
security holes, you might as well leave /etc/passwd world writable.
Worrying about users having the same password on all the hosts on your
network pales into insignificance when compared to the troubles that
Yellow Pages can cause.
Jim
--
ARPA: jim%cs.strath.ac.uk@ucl-cs.arpa, jim@cs.strath.ac.uk
UUCP: jim@strath-cs.uucp, ...!uunet!mcvax!ukc!strath-cs!jim
JANET: jim@uk.ac.strath.cs
"!rof si ver tahw s'taht oS"
Makey@LOGICON.ARPA (Jeff Makey) (04/13/89)
In article <18929@adm.BRL.MIL> rbj@dsys.icst.nbs.gov (Root Boy Jim) writes:
>? From: Jeff Makey <Makey@logicon.arpa>
>?
>? I hope you have taken into consideration the security risks of using
>? the same password on more than one machine, since this must be weighed
>? against the convenience of this scheme.
>
>If your users use .rhosts,
>then one password is actually safer. Multiple passwords give the bad guys
>multiple targets, any of which would allow access to all machines.
Agreed. If you are willing to let a breach of security on one machine
lead trivially to breaches of other machines, then by all means stick to
a single difficult-to-guess password and .rhosts files.
:: Jeff Makey
Department of Tautological Pleonasms and Superfluous Redundancies Department
Disclaimer: Logicon doesn't even know we're running news.
Internet: Makey@LOGICON.ARPA UUCP: {nosc,ucsd}!logicon.arpa!Makey
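The .rhosts point argued between Root Boy Jim and Jeff Makey can be made concrete with a small trust-reachability check, added here as an example and not code from any poster. It assumes a hand-built map of which hosts each host's .rhosts files let in without a password (a constructed four-host department, not the poster's real network) and a map of which credential guards each host. Following trust transitively shows which hosts are "worth the whole network", and counting the distinct credentials on those hosts shows why per-host passwords multiply entry points when trust is already a full mesh, while a single password leaves exactly one.

```python
"""Transitive .rhosts trust analysis (added example, not from the
thread).  TRUST[h] is the constructed set of hosts whose users h lets
in without a password; PASSWORD_OF maps a host to an opaque label for
the credential that guards it."""
from collections import deque

# Constructed department: the VAX and the two Suns trust each other,
# the DG trusts the VAX, and nothing trusts the DG back.
TRUST = {
    "vax":  {"sun1", "sun2"},
    "sun1": {"vax", "sun2"},
    "sun2": {"vax", "sun1"},
    "dg":   {"vax"},
}

# Per-host passwords versus one password everywhere (constructed labels).
PER_HOST = {"vax": "p1", "sun1": "p2", "sun2": "p3", "dg": "p4"}
SHARED   = {h: "shared" for h in TRUST}


def reachable(trust, start):
    """Hosts someone holding an account on `start` can reach without
    presenting another password, following trust transitively."""
    seen = {start}
    queue = deque([start])
    while queue:
        h = queue.popleft()
        for target, trusted in trust.items():
            if h in trusted and target not in seen:   # target lets h in
                seen.add(target)
                queue.append(target)
    return seen


def full_access_hosts(trust):
    """Hosts from which every host is reachable: each is a separate
    entry point that yields the whole network."""
    everything = set(trust)
    return sorted(h for h in trust if reachable(trust, h) == everything)


def secrets_worth_everything(trust, password_of):
    """Distinct credentials whose compromise grants the whole network.
    With mesh trust and per-host passwords this is one per mesh host;
    with one shared password it is exactly one."""
    return sorted({password_of[h] for h in full_access_hosts(trust)})


if __name__ == "__main__":
    for h in sorted(TRUST):
        print("from %-4s reach: %s" % (h, " ".join(sorted(reachable(TRUST, h)))))
    print("full-access hosts:", full_access_hosts(TRUST))
    print("targets, per-host passwords:", secrets_worth_everything(TRUST, PER_HOST))
    print("targets, shared password:   ", secrets_worth_everything(TRUST, SHARED))
```

The same function also shows the cost Makey points at: `reachable` from any mesh host already covers the DG, so one guessed password on any of the three, shared or not, is a breach of all four. Removing trust edges, not changing password policy, is what shrinks that set.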