[comp.sys.novell] Encrypted Passwords

mjl@unix.cis.pitt.edu (Michael J Lewinter) (03/27/91)

Could someone inform me as to 

1) What version of Netware started support of encrypted passwords.

2) Is there any documentation of this feature available (I've checked
   my 2.15 manuals (although I only spent about 20 minutes before I gave
   up))

Thanks in advance:

Michael J. LeWinter

mjl@unix.cis.pitt.edu (Michael J Lewinter) (03/29/91)

Thanks for all of the responses that I got to my query.  I would like
to share the two types of responses.

1) Novell has supported encrypted passwords since 2.1. (While this may
   be true with regards to how they are stored in the bindery, the
   'packet' containing the password that the user types in is
   "clear text format".  "A sniffer can pull in a login packet that uses
    the clear text format, and an intruder can read the user's login
    password." [Taken from page 166 of the NetWare Concepts manual which
    I assume is a part of the documentation of 3.x.])

2) Two responses informed me that since V 3.0 of netware, encrypted password
   packets are supported.  This corresponds with the page of manual that
   I quoted from above.

I would have sent this directly to the people who supplied me with info as 
well, but being sloppy, I purged their messages.

Enjoy,

Michael J. LeWinter
 


 

-- 
All email, no cute messages to mankind :       mjl@vms.cis.pitt.edu
                                               mjl@pittvms.bitnet

kji@vpnet.chi.il.us (Ken Isacson) (03/30/91)

In article <108250@unix.cis.pitt.edu> mjl@unix.cis.pitt.edu (Michael J Lewinter) writes:
>Could someone inform me as to 
>
>1) What version of Netware started support of encrypted passwords.
>

V 3.11 I believe, according to a spokesperson from Novell.

-- 
__________________________________________________________
Ken Isacson         Sysop - Board Of Trade BBS  GT 016/001
kji@vpnet.chi.il.us         (815) 753 - 0042
----------------------------------------------------------

Jons@cup.portal.com (Jonathan S Spangler) (03/31/91)

In article <108250@unix.cis.pitt.edu> mjl@unix.cis.pitt.edu (Michael J Lewinter) writes:
>1) What version of Netware started support of encrypted passwords.
V 3.11 I believe, according to a spokesperson from Novell.
__________________________________________________________
Ken Isacson         Sysop - Board Of Trade BBS  GT 016/001
kji@vpnet.chi.il.us         (815) 753 - 0042
----------------------------------------------------------

People:

Perhaps it is time to define what Novell means by encrypted. Yes, it is
true that passwords were encrypted from v2.1x and up.

However, passwords were *not* encrypted across the wire itself. Therefore,
if you have a Sniffer or other network cable management tool, it was easy
to read the password.

Now, with v3.x of NetWare, passwords are encrypted OVER THE LAN CABLE. This
is mostly a security issue, and only really becomes a problem if you need 
to have both 286 and 386 OSes running simultaneously.

The command that needs to go into the AUTOEXEC.NCF file is:

set allow unencrypted passwords = on

Hope this helps someone...

aloha,
Jonathan Spangler
jons@cup.portal.com

trier@cwlim.INS.CWRU.Edu (Stephen C. Trier) (03/31/91)

In article <40718@cup.portal.com> Jons@cup.portal.com (Jonathan S Spangler) writes:
>Now, with v3.x of NetWare, passwords are encrypted OVER THE LAN CABLE. this
>is mostly a security issue, and only really becomes a problem if you need 
>to have both 286 and 386 OSes running simultaneously.

OK, what kinds of problems will occur?  With a University-wide net, we can
expect to be mixing 286 and 386 versions for a few years.  The first 3.10
server just went on the main net; what problems should I be seeing on the
poor 2.15 servers?  :-)

-- 
Stephen Trier                              Case Western Reserve University
Work: trier@cwlim.ins.cwru.edu             Information Network Services
Home: sct@seldon.clv.oh.us               %% Any opinions above are my own. %%

jamesp@world.std.com (james M peterson) (04/01/91)

You can log into a 3.x server then attach to a 2.1x server ok.
The other way around you get a notice of unencrypted pwd try on the
386 console unless you set ALLOW UNENCRYPTED PASSWORDS = ON  on the
386 server.

jamesp@world.std.com

Jons@cup.portal.com (Jonathan S Spangler) (04/03/91)

>In article <40718@cup.portal.com> Jons@cup.portal.com (Jonathan S Spangler) writes:
>>Now, with v3.x of NetWare, passwords are encrypted OVER THE LAN CABLE. this
>>is mostly a security issue, and only really becomes a problem if you need 
>>to have both 286 and 386 OSes running simultaneously.
>
>OK, what kinds of problems will occur?  With a University-wide net, we can
>expect to be mixing 286 and 386 versions for a few years.  The first 3.10
>server just went on the main net; what problems should I be seeing on the
>poor 2.15 servers?  :-)
>
>-- 
>Stephen Trier                              Case Western Reserve University
>Work: trier@cwlim.ins.cwru.edu             Information Network Services
>Home: sct@seldon.clv.oh.us               %% Any opinions above are my own. %%

I didn't make myself really clear, I guess...

As long as you have the "set allow unencrypted passwords = on" in your 
AUTOEXEC.NCF file, there is *no* problem!

Aloha,
Jonathan
jons@cup.portal.com
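
Added example (not part of any post in this thread): a small audit that reports whether an AUTOEXEC.NCF leaves "allow unencrypted passwords" on, which is the state in which a 3.x server accepts the clear-text login packets described earlier in the thread. The sample file contents are constructed; the comment prefixes, the "last setting wins" rule and the OFF default when the line is absent are assumptions.

```python
import re

# Matches the SET line exactly as the thread writes it, ignoring case
# and tolerating extra whitespace around the words and the "=".
_SETTING = re.compile(
    r"^\s*set\s+allow\s+unencrypted\s+passwords\s*=\s*(on|off)\s*$",
    re.IGNORECASE,
)
# Assumption: lines starting with '#', ';' or REM are comments in .NCF files.
_COMMENT = re.compile(r"^\s*(#|;|rem\b)", re.IGNORECASE)


def audit_ncf(text):
    """Return (allowed, line_no) for the effective setting.

    allowed is True when unencrypted passwords are accepted; line_no is the
    1-based line that decided it, or None when the file never sets it
    (assumption: the server default is OFF and the last SET line wins).
    """
    allowed, where = False, None
    for no, line in enumerate(text.splitlines(), 1):
        if _COMMENT.match(line):
            continue  # a commented-out SET line has no effect
        m = _SETTING.match(line)
        if m:
            allowed, where = m.group(1).lower() == "on", no
    return allowed, where


# Constructed sample AUTOEXEC.NCF for a 3.x server on a mixed 2.15/3.x net.
SAMPLE = """\
file server name CAMPUS386
ipx internal net 1A2B3C
# set allow unencrypted passwords = off
SET Allow Unencrypted Passwords = ON
load NE2000 port=300 int=3 frame=ETHERNET_802.3
"""

if __name__ == "__main__":
    allowed, line_no = audit_ncf(SAMPLE)
    if allowed:
        print(f"line {line_no}: clear-text login packets are accepted")
    else:
        print("unencrypted passwords are not allowed")
```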