roes@phcoms.seri.philips.nl (Aloys Roes) (12/13/90)
We recently received VMS 5.4 and found that it introduced a new password hashing algorithm. For normal use this is no problem however, a number of FTP servers do their own checking of passwords and use the older hashing algorithm for that. So whenever a user changes his password under VMS 5.4 he/she can no longer FTP into that account. We have this problem with the following TCP/IP implementations: FNS version 3.3.7, Novell LAN-service version 3.5 (EXCELAN) and CMU 6.5. The other TCP/IP implementations that are used in our company (UCX from DEC and WIN/TCP from Wollongong) have solved the problem by using LOGINOUT.EXE for password checking. Does anyone know if there are solutions for the above three TCP/IP implementations and how we can get hold of them? Thanks, Aloys Roes, Philips Components, Building BC-136, | Tel. : + 31 40 72 30 62 P.O.Box 218, 5600 MD Eindhoven, The Netherlands | Email: roes@seri.philips.nl -- regards, Aloys Roes, Philips Components, Building BC-136, | Tel. : + 31 40 72 30 62 P.O.Box 218, 5600 MD Eindhoven, The Netherlands | Email: roes@seri.philips.nl
doug@jhunix.HCF.JHU.EDU (Douglas W O'neal) (12/14/90)
In article <566@phcoms.seri.philips.nl-> roes@phcoms.seri.philips.nl (Aloys Roes) writes:
->We recently received VMS 5.4 and found that it introduced a new password
->hashing algorithm. For normal use this is no problem however, a number of
->FTP servers do their own checking of passwords and use the older hashing
->algorithm for that. So whenever a user changes his password under VMS 5.4
->he/she can no longer FTP into that account. We have this problem with the
->following TCP/IP implementations: FNS version 3.3.7, Novell LAN-service
->version 3.5 (EXCELAN) and CMU 6.5. The other TCP/IP implementations that
->are used in our company (UCX from DEC and WIN/TCP from Wollongong)
->have solved the problem by using LOGINOUT.EXE for password checking.
->
->Does anyone know if there are solutions for the above three TCP/IP
->implementations and how we can get hold of them?
->
A post came out on the cmutek mailing list on 3-dec-1990 that a patched
ftp is available from 128.2.232.20 and it will be included in future
distributions of cmutek tcp/ip
Doug
--
Doug O'Neal, Distributed Systems Programmer, Johns Hopkins University
doug@jhuvms.bitnet, doug@jhuvms.hcf.jhu.edu, mimsy!aplcen!jhunix!doug
Like many of the features of UNIX, UUCP appears theoretically
unworkable... - DEC Professional, April 1990
ichihara@rik835.riken.go.jp (12/15/90)
> Newsgroups: comp.os.vms,comp.protocols.tcp-ip > Subject: FTP server, VMS 5.4 (new password hashing) > Message-ID: <566@phcoms.seri.philips.nl> > Date: 13 Dec 90 12:03:20 GMT > Organization: Philips Components - SERI, Eindhoven, The Netherlands > Lines: 23 > Xref: rkna50 comp.os.vms:13276 comp.protocols.tcp-ip:10256 > > We recently received VMS 5.4 and found that it introduced a new password > hashing algorithm. For normal use this is no problem however, a number of > FTP servers do their own checking of passwords and use the older hashing > algorithm for that. So whenever a user changes his password under VMS 5.4 > he/she can no longer FTP into that account. We have this problem with the > following TCP/IP implementations: FNS version 3.3.7, Novell LAN-service > version 3.5 (EXCELAN) and CMU 6.5. The other TCP/IP implementations that > are used in our company (UCX from DEC and WIN/TCP from Wollongong) > have solved the problem by using LOGINOUT.EXE for password checking. > > Does anyone know if there are solutions for the above three TCP/IP > implementations and how we can get hold of them? Hi For the CMU-TEK V6.5, we have already solution. I have tested following release of FTP and this new FTP works fine in the VMS V5.4 after changing passwords. T. Ichihara (RIKEN) ========================================================================== Message-Id: <cbKhYcK00aMeQ=NmpM@andrew.cmu.edu> Date: Mon, 3 Dec 90 18:00:56 -0500 (EST) From: "Bruce R. Miller" <bm17+@andrew.cmu.edu> To: CMU TEK <cmu-tek-tcp+@andrew.cmu.edu> Subject: FTP I forgot to mention something. I fixed up FTP so that it works with VMS 5.4. It requires differant object code though, so I made up an installation kit (available via anonymous FTP from 128.2.232.20) which figures out what version of VMS you're running, and links in the proper password hashing code. This means that you need to install the new FTP kit when you upgrade to VMS 5.4. It won't work to install it now before you upgrade. You have to be running VMS 5.4 in order for the kit to do the right thing. I know this is confusing, but the only alternative was to distribute seperate images. On a related note, I'm reconfiguring the package so it will work with VMS 4.x. If I can pull this off, Tek 6.6 will run under VMS 4.5 and above. Hopefully some of the 6.6 beta testers will be running ancient versions of VMS. -bruce r miller CMU NetDev