[comp.unix.wizards] How do you manage multiple /etc/passwd files?

zemon@felix.UUCP (02/09/87)

I just installed my third computer which means that now I
have three /etc/passwd files.  So now I'm trying to figure
out some way to relieve my users from the need to update
passwords three times when they want to change them.  How
do you do it?
-- 
	-- Art Zemon
	   FileNet Corporation
	   Costa Mesa, California
	   ...! {decvax, ihnp4, ucbvax} !trwrb!felix!zemon

ecl@mtgzy.UUCP (02/12/87)

In article <286@desoto.UUCP>, shz@desoto.UUCP (S. Zirin) writes:
> Users should NOT use the same password on more than one computer for obvious 
> security reasons.  In addition, you should probably use password aging to 
> require your users to change their passwords periodically.

Well, I'll go along with password aging, but I (like many system
administrators) have logins on 20+ systems.  If I had to have 20+ logins,
I'd have to write them down and I consider *that* more of a security problem.
(I do have more than one, however.)  Since we age passwords every four weeks,
changing them is a pain--luckily we have a remote access capability on many of
our systems that helps.


					Evelyn C. Leeper
					(201) 957-2070
				UUCP:	ihnp4!mtgzy!ecl
				ARPA:	mtgzy!ecl@rutgers.rutgers.edu

adam@mtund.UUCP (02/12/87)

Felix <2253@felix.UUCP> writes:
> In <2253@felix.UUCP> zemon writes:
> 
> > I just installed my third computer which means that now I have three
> > /etc/passwd files.  So now I'm trying to figure out some way to relieve
> > my users from the need to update passwords three times when they want 
> > to change them.  How do you do it.
> 
> Users should NOT use the same password on more than one computer for obvious 
> security reasons.  In addition, you should probably use password aging to 
> require your users to change their passwords periodically.

Bullfeathers. A user who is required to have multiple passwords, and
keep on changing them, will write them down rather than take the risk
of relying on fallible human memory.  All an intruder needs do is read
them - usually from a little piece of paper pasted on the terminal.
I would rather stick with a single one I can reliably keep in my head.

						Adam V. Reed
						mtund!speedy!avr

thomas@spline.UUCP (02/12/87)

The claim is that users should, for security reasons, have a different
password on each of the machines they have access to.  In a
distributed environment, this can become pretty hard.  If you can tell
me how to remember approximately 25 to 30 different passwords (one for
each different machine in our facility), I might consider it. 

=Spencer   ({ihnp4,decvax}!utah-cs!thomas, thomas@utah-cs.ARPA)

cdash@boulder.UUCP (02/13/87)

In article <286@desoto.UUCP> shz@desoto.UUCP (S. Zirin) writes:
>In <2253@felix.UUCP> zemon writes:
>
>> I just installed my third computer which means that now I have three
>> /etc/passwd files.  So now I'm trying to figure out some way to relieve
>> my users from the need to update passwords three times when they want 
>> to change them.  How do you do it.
>
>Users should NOT use the same password on more than one computer for obvious 
>security reasons.  In addition, you should probably use password aging to 
>require your users to change their passwords periodically.

zemon's response to zirin's timely request is non-productive. I would love to
have a better mechanism than logging in and changing password on each of the
13 machines I use in my work. It gets boring doing this every month. My
passwords ARE different (a portion of the password is keyed to the machine name
so I don't forget).

So is there something that can gracefully change multiple passwords on multiple
systems?

gmp@rayssd.UUCP (02/14/87)

In article <286@desoto.UUCP> shz@desoto.UUCP (S. Zirin) writes:
> Users should NOT use the same password on more than one computer for obvious 
> security reasons.

Please expound on these "obvious" reasons.  If I found a way to force
users to use a different password on every machine, and used it, my days
would become (more) filled with requests from users about their forgotten
passwords.  If I honor these requests by phone, I have a big security
hole.  Even worse, there would be a larger percentage of users that would
write their passwords down.   I think multiple passwords are less secure.

-- 
Greg Paris ....................... gmp@rayssd.RAY.COM
{cbosgd,gatech,ihnp4,linus,mirror,uiucdcs}!rayssd!gmp
.. Everything seems to be up in the air at this point
................ I need something to change your mind

guy@gorodish.UUCP (02/15/87)

In article <364@boulder.UUCP> cdash@nike.UUCP (Charles Shub) writes:
>In article <286@desoto.UUCP> shz@desoto.UUCP (S. Zirin) writes:
>>In <2253@felix.UUCP> zemon writes:
>>
>>> <request>
>>>
>><response>
>
>zemon's response to zirin's timely request is non-productive.

Zemon's response to Zirin's request is non-*existent*, as is Zirin's
request.  Zirin's response to Zemon's request is what is in question
here.

Was this just a slip of the mind, or do the attribution lines stuck
in (with the best of intentions, I'm sure) by various netnews
programs possibly cause more problems than they're worth?  (I
*always* delete them, simply to avoid this kind of problem.)

naftoli@aecom.UUCP (02/16/87)

In article <286@desoto.UUCP>, shz@desoto.UUCP (S. Zirin) writes:
> In addition, you should probably use password aging to 
> require your users to change their passwords periodically.

It has been debated whether password aging is a useful security
measure.  Some cons:

1. People who are forced to change their passwords in order to
   log on tend to think of some quick and dirty password which
   will be easy to remember.  It has been shown that systems that
   have password aging had the simplest passwords of all.

2. It confuses novice users to be thrown into the passwd(1)
   command upon login.

3. Users often forget their new password increasing the administrative
   hassle.

I believe this was discussed in a paper distributed with some UNIX
releases entitled "On the Security of UNIX."
-- 
Robert N. Berlinger
Systems Analyst, Scientific Computing Center		Compuserve: 73047,741
Albert Einstein College of Medicine			Easylink:   62956067
UUCP: ...{philabs,cucard,pegasus,rocky2}!aecom!naftoli	GEnie:	    R.Berlinger

shz@desoto.UUCP (02/17/87)

> Please expound on these "obvious" reasons.  If I found a way to force
> users to use a different password on every machine, and used it, my days
> would become (more) filled with requests from users about their forgotten
> passwords.

It SHOULD be obvious that if user X has logins on the set of machines 
(a,b,c, .... z) and the passwords are all the same, then if the password for 
machine 'a' is compromised, the passwords for machines (b,c,d .... z) are 
also compromised.  

In addition, suppose machine 'a' is a general purpose machine and machine 'z'
contains sensitive or secret information.  By using the same password on
both machines, the password for machine 'z' is more easily open to attack 
by users of machine 'a' (not to mention machines [b-y]).

Finally, I said passwords on different machines SHOULD be different, but
I did *NOT* say administrators should FORCE this requirement.  Reading
the literature before flaming would save energy (and you might also
learn something :-) ).

Seth

ihnp4!desoto!shz

zemon@felix.UUCP (02/19/87)

For the curious among you, I only got two mail responses
to my original query.  Apparently no one has come up with a
magic way to solve this problem.  I'll probably do it by
writing a little daemon which poses as /bin/passwd,
forwards the new password to Felix, and lets Felix
redistribute the entire password file to the other machines
at FileNet.  Well, maybe not the entire file....

As for whether the same password should be allowed on
multiple machines:  For FileNet that is a non-issue.  All
of our machines are "equivalent" in /etc/hosts.equiv.  Once
you log into any machine you can rlogin to the rest without
a new password.  Furthermore, with the Micom data switch,
any terminal can get to any machine.  Finally, our users
don't want to enter passwords over and over again as they
hop between machines.  I imagine most of you folks arguing
about this also have policies which evolved to suit your
local needs and are unlikely to change them.

Cheers,

-- 
	-- Art Zemon
	   FileNet Corporation
	   Costa Mesa, California
	   ...!hplabs!felix!zemon

hurf@batcomputer.UUCP (02/19/87)

In article <286@desoto.UUCP> shz@desoto.UUCP (S. Zirin) writes:
>In <2253@felix.UUCP> zemon writes:
>
>> I just installed my third computer which means that now I have three
>> /etc/passwd files.  So now I'm trying to figure out some way to relieve
>> my users from the need to update passwords three times when they want 
>> to change them.  How do you do it.
>
>Users should NOT use the same password on more than one computer for obvious 
>security reasons.  In addition, you should probably use password aging to 
>require your users to change their passwords periodically.

The above does NOT answer the question - with hosts.equiv & .rhosts
a password isn't necessary to move between systems anyhow. There are 
'rpasswd' programs around (try george@vax1.ccs.cornell.edu) for individual
users to update their passwords but the thing that seems to be the most useful
would be to keep the password files consistent & rdist from a master node
on a periodic basis. I would like to hear from those adventurous enough
to have tried this type of thing - I already have some responses to a similar
question & I will summarize all responses soon.


hurf
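
Art Zemon's plan a few posts up (a substitute passwd that forwards the change to a master, which then redistributes the file, "maybe not the entire file") and the rdist-from-a-master-node scheme above both need the same step on the receiving machine: take the master's user list without letting it clobber that machine's own system accounts, and swap the file in without a window where it is half-written. The following is an added example, not code from the thread, from FileNet or from any rdist package. The seven-field passwd layout is the standard one; the uid cut-off, the file names and the sample entries are assumptions constructed for the demonstration.

```python
"""Added example (not from the thread): merge the ordinary-user entries of a
master passwd file into a machine's local copy, keep machine-local system
accounts untouched, and replace the file atomically. Sample files and the
uid cut-off are constructed assumptions for the demonstration."""
import os
import tempfile

SYSTEM_UID_MAX = 99  # assumption: uids 0..99 are machine-local, never imported
NUM_FIELDS = 7       # name:password:uid:gid:gecos:home:shell


def parse_passwd(text):
    """Split passwd text into 7-field lists; malformed lines are an error, not a guess."""
    entries = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != NUM_FIELDS or not fields[2].isdigit():
            raise ValueError(f"line {lineno}: malformed passwd entry")
        entries.append(fields)
    return entries


def merge_passwd(local_text, master_text):
    """Return (merged_text, rejected).

    Local entries in the system uid range stay exactly as they are; every other
    local entry is replaced by the master's list, so an account deleted on the
    master disappears here too. A master entry is rejected, and reported with a
    reason, if it falls in the system uid range (this also stops a smuggled
    uid-0 account), reuses a local system account name, or duplicates a name or
    uid already accepted from the master.
    """
    kept = [e for e in parse_passwd(local_text) if int(e[2]) <= SYSTEM_UID_MAX]
    reserved = {e[0] for e in kept}
    seen_names, seen_uids = set(), {}
    accepted, rejected = [], []
    for e in parse_passwd(master_text):
        name, uid = e[0], int(e[2])
        if uid <= SYSTEM_UID_MAX:
            rejected.append((name, "uid in machine-local system range"))
        elif name in reserved:
            rejected.append((name, "name collides with a local system account"))
        elif name in seen_names:
            rejected.append((name, "duplicate name in master file"))
        elif uid in seen_uids:
            rejected.append((name, f"uid {uid} already used by {seen_uids[uid]}"))
        else:
            seen_names.add(name)
            seen_uids[uid] = name
            accepted.append(e)
    text = "".join(":".join(e) + "\n" for e in kept + accepted)
    return text, rejected


def write_atomically(path, text):
    """Write to a temp file in the same directory, fsync, then rename over the
    target, so a reader (or a crash) never sees a half-written password file."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".passwd.")
    try:
        with os.fdopen(fd, "w") as f:
            f.write(text)
            f.flush()
            os.fsync(f.fileno())
        os.chmod(tmp, 0o644)
        os.replace(tmp, path)
    except BaseException:
        if os.path.exists(tmp):
            os.unlink(tmp)
        raise


def apply_master(local_path, master_text):
    """What the receiving side of a redistribution would run; returns the rejected list."""
    with open(local_path) as f:
        merged, rejected = merge_passwd(f.read(), master_text)
    write_atomically(local_path, merged)
    return rejected


# Constructed sample files. Password fields hold placeholders, not real hashes.
LOCAL = (
    "root:ROOTHASH:0:0:root:/:/bin/sh\n"
    "daemon:*:1:1:daemon:/:/bin/sh\n"
    "bob:BOBHASH:201:20:Bob (local only):/usr/bob:/bin/csh\n"
)
MASTER = (
    "root:OTHERHASH:0:0:root:/:/bin/sh\n"
    "zemon:ZEMONHASH:200:20:Art Zemon:/usr/zemon:/bin/csh\n"
    "alice:ALICEHASH:201:20:Alice:/usr/alice:/bin/sh\n"
    "rogue:ROGUEHASH:0:0:uid zero smuggled in:/:/bin/sh\n"
    "dup:DUPHASH:201:20:reuses alice's uid:/usr/dup:/bin/sh\n"
)


def demo():
    """Apply MASTER to a scratch copy of LOCAL; return (resulting lines, rejected)."""
    directory = tempfile.mkdtemp()
    path = os.path.join(directory, "passwd")
    with open(path, "w") as f:
        f.write(LOCAL)
    rejected = apply_master(path, MASTER)
    with open(path) as f:
        lines = f.read().splitlines()
    for name in os.listdir(directory):
        os.unlink(os.path.join(directory, name))
    os.rmdir(directory)
    return lines, rejected


if __name__ == "__main__":
    lines, rejected = demo()
    print("\n".join(lines))
    for name, why in rejected:
        print(f"rejected {name}: {why}")
```

The point of the reject list is that the master is trusted for ordinary users only: a master copy that has been tampered with, or a typo there, cannot hand out a second uid 0 or rename a daemon account on every machine at once. Whether a local ordinary user absent from the master should be dropped (as here) or kept is a site policy decision; dropping is what "the master owns the user list" means.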

mouse@mcgill-vision.UUCP (02/20/87)

In article <2253@felix.UUCP>, zemon@felix.UUCP (Art Zemon) writes:
> I just installed my third computer which means that now I have three
> /etc/passwd files.  So now I'm trying to figure out some way to
> relieve my users from the need to update passwords three times when
> they want to change them.  How do you do it?

We run a distributed filesystem (Sun's and Mt. Xinu's NFS
implementations at present) and all but one of them are symbolic links
to the other.  There are backup copies kept in /etc/passwd-, updated
nightly, so that in case something serious keeps the central machine
out for more than a few hours we at worst have to reboot single-user
and copy.  Of course, there's more stuff than just /etc/passwd residing
on the central machine, so if it goes there's not much use logging in.

[ Please, don't tell me about YP, I know about it and we aren't using
  it for what we find are good and sufficient reasons. ]

					der Mouse

USA: {ihnp4,decvax,akgua,utzoo,etc}!utcsri!musocs!mcgill-vision!mouse
     think!mosart!mcgill-vision!mouse
Europe: mcvax!decvax!utcsri!musocs!mcgill-vision!mouse
ARPAnet: think!mosart!mcgill-vision!mouse@harvard.harvard.edu

agm@warwick.UUCP (02/26/87)

In article <660@mcgill-vision.UUCP> mouse@mcgill-vision.UUCP (der Mouse)
writes:
>We run a distributed filesystem (Sun's and Mt. Xinu's NFS
>implementations at present) and all but one of them are symbolic links
>to the other...

What happens if users on different machines try to change their passwords at
the same time?  Does the password file get locked properly?

Andrew G. Minter
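
The locking question above, as an added example that is not part of the thread. With one password file shared by several machines (the symlink-over-NFS setup described two posts up), two users running passwd at the same moment each read the file, each edit their own line, and each write the whole file back; whoever writes last silently undoes the other's change. The code below shows that lost update happening on demand, and the same operation done under an exclusive fcntl.flock held across the read, the edit and the rename. Paths, the lock-file name, the sample entries and the placeholder "hashes" are all constructed for the demonstration.

```python
"""Added example (not from the thread): change one user's password field in a
shared passwd-style file while another machine may be doing the same. The
naive read-modify-write loses one of two simultaneous changes; holding an
exclusive fcntl.flock across read, edit and atomic replace does not. Paths,
the lock-file name and the sample entries are constructed for this demo and
the password fields hold placeholders, not real hashes."""
import fcntl
import os
import tempfile
import threading


def read_entries(path):
    with open(path) as f:
        return [line.rstrip("\n").split(":") for line in f if line.strip()]


def write_entries(path, entries):
    """Temp file + rename so a reader never sees a half-written file."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)),
                               prefix=".passwd.")
    with os.fdopen(fd, "w") as f:
        f.write("".join(":".join(e) + "\n" for e in entries))
        f.flush()
        os.fsync(f.fileno())
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)


def set_hash(entries, user, new_hash):
    """Replace the password field of 'user' in place; False if no such user."""
    for e in entries:
        if e[0] == user:
            e[1] = new_hash
            return True
    return False


def change_unlocked(path, user, new_hash, barrier=None):
    """The naive version. 'barrier' is demo scaffolding only: it makes two
    callers both finish reading before either writes, so the lost update
    happens every time instead of depending on scheduling luck."""
    entries = read_entries(path)
    if barrier is not None:
        barrier.wait()
    if not set_hash(entries, user, new_hash):
        raise KeyError(user)
    write_entries(path, entries)


def change_locked(path, user, new_hash):
    """Serialise the whole read-modify-replace under an exclusive advisory lock.
    The lock is taken on a separate file because os.replace() swaps the data
    file's inode: a lock on the data file itself would protect nobody after
    the first rename."""
    with open(path + ".lock", "w") as lock:
        fcntl.flock(lock, fcntl.LOCK_EX)
        try:
            entries = read_entries(path)
            if not set_hash(entries, user, new_hash):
                raise KeyError(user)
            write_entries(path, entries)
        finally:
            fcntl.flock(lock, fcntl.LOCK_UN)


SAMPLE = (
    "root:ROOTHASH:0:0:root:/:/bin/sh\n"
    "alice:OLD_A:201:20:Alice:/usr/alice:/bin/sh\n"
    "bob:OLD_B:202:20:Bob:/usr/bob:/bin/csh\n"
)
CHANGES = (("alice", "NEW_A"), ("bob", "NEW_B"))


def demo(locked):
    """Two threads stand in for two machines changing different users' passwords
    at the same moment. Returns the sorted list of users whose change survived."""
    directory = tempfile.mkdtemp()
    path = os.path.join(directory, "passwd")
    with open(path, "w") as f:
        f.write(SAMPLE)
    barrier = None if locked else threading.Barrier(len(CHANGES))

    def worker(user, new_hash):
        if locked:
            change_locked(path, user, new_hash)
        else:
            change_unlocked(path, user, new_hash, barrier)

    threads = [threading.Thread(target=worker, args=c) for c in CHANGES]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    hashes = {e[0]: e[1] for e in read_entries(path)}
    survived = sorted(u for u, h in CHANGES if hashes[u] == h)
    for name in os.listdir(directory):
        os.unlink(os.path.join(directory, name))
    os.rmdir(directory)
    return survived


if __name__ == "__main__":
    print("unlocked:", demo(locked=False))   # one of the two changes is lost
    print("locked:  ", demo(locked=True))    # both survive
```

Two caveats for the shared-file setup in this thread. The lock must be advisory on both sides: a passwd program that does not take the same lock is not slowed down by it at all. And flock across an NFS mount only works where the server and every client run a working lock daemon, so that needs checking before a shared password file is trusted to it; a rename-based replace at least guarantees that what readers see is always one complete version or the other.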