Mail*Link(r) SMTP Firewalls Digest V2 #259
Firewalls Digest Wednesday, 1 December 1993 Volume 02 : Number 259
In this issue:
Re: TIS authsrv and s/key
Please add
Re: TIS authsrv and s/key
See the end of the digest for information on subscribing to the Firewalls
or Firewalls-Digest mailing lists and on how to retrieve back issues.
----------------------------------------------------------------------
From: "R.F. Graveman" <rfg @
ctt .
bellcore .
com>
Date: Tue, 30 Nov 1993 07:07:17 -0500
Subject: Re: TIS authsrv and s/key
> I am playing with the TIS toolkit and have come across something I wouldn't
> have done that way and am therefore tempted to change. I'd like to hear
> from the list why they think I should leave well alone (or not :-).
>
> Password changing on s/key. This requires the user to enter the "secret"
> password, the one part of the s/key stuff which is normally never leaves
> the user's local system. I would like to change it so that the user enters
> the three non-secrets when resetting the password, ie the new sequence
> number, seed and the resulting s/key.
This option is available in the version I use (I believe it's a -s).
Hence, we thought your idea was a good one, too.
The code should be available from thumper.bellcore.com.
Also, there exists an s-key mailing list (sign up at:
skey-users-request @
thumper .
bellcore .
com)
Rich Graveman
Bellcore
voice: 908 699-4611
fax: 908 336-2943
------------------------------
From: sfrazier @
fmrco .
com (Scott Frazier)
Date: Tue, 30 Nov 93 07:13:28 EST
Subject: Please add
Please add "sfrazier @
fmrco .
com" to the firewalls mailing list.
-S.
Scott Frazier I-Kinetics, Inc.
Systems Engineer 19 Bishop Allen Drive
(617) 661-8181 x252 Cambridge, MA. 02139
(617) 570-4587 sfrazier @
i-kinetics .
com
------------------------------
From: alastair @
cadence .
com (Alastair Young)
Date: Tue, 30 Nov 1993 09:54:16 -0800
Subject: Re: TIS authsrv and s/key
>> I am playing with the TIS toolkit and have come across something I wouldn't
>> have done that way and am therefore tempted to change. I'd like to hear
>> from the list why they think I should leave well alone (or not :-).
>>
>> Password changing on s/key. This requires the user to enter the "secret"
>> password, the one part of the s/key stuff which is normally never leaves
>> the user's local system. I would like to change it so that the user enters
>> the three non-secrets when resetting the password, ie the new sequence
>> number, seed and the resulting s/key.
>
>This option is available in the version I use (I believe it's a -s).
>Hence, we thought your idea was a good one, too.
Yes, if you are using the keyinit program directly. I was referring to
password changing via the TIS authsrv autentication server. It is linked to
the s/key library and allows password changing but only in the "insecure"
form.
Al
- ---------------------------------------------------------------------------
Alastair Young _ Ariel NH
Cadence Design Systems, Information Services )/___ _ Red Hunter
555 River Oaks Parkway, 4B1 __/(___)_*##/c
San Jose CA 95134 Fax: (408)894-3487 / /\\|| \ / \ Brakes'n'lites
alastair @
cadence .
com (408)428-5278 \__/ ----'\__/ novel eh?
- ---------------------------------------------------------------------------
These statements and opinions are mine, not those of Cadence Design Systems
------------------------------
End of Firewalls Digest V2 #259
*******************************
To subscribe to Firewalls-Digest, send the command:
subscribe firewalls-digest
in the body of a message to "Majordomo @
GreatCircle .
COM". If you want
to subscribe something other than the account the mail is coming from,
such as a local redistribution list, then append that address to the
"subscribe" command; for example, to subscribe "local-firewalls":
subscribe firewalls-digest local-firewalls @
your .
domain .
net
A non-digest (direct mail) version of this list is also available; to
subscribe to that instead, replace all instances of "firewalls-digest"
in the commands above with "firewalls".
Compressed back issues are available for anonymous FTP from
FTP.GreatCircle.COM, in pub/firewalls/digest/vNN.nMMM.Z (where "NN"
is the volume number, and "MMM" is the issue number).
------------------ RFC822 Header Follows ------------------
Received: by engmail.llnl.gov with SMTP;1 Dec 1993 07:33:18 U
Received: by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92)
id AA24763; Wed, 1 Dec 93 01:08:01 PST
Return-Path: <Firewalls-Digest-Owner @
GreatCircle .
COM>
Received: from cheetah.llnl.gov by pierce.llnl.gov
(4.1/LLNL-1.18/llnl.gov-05.92)
id AA24754; Wed, 1 Dec 93 01:07:57 PST
Received: from relay1.UU.NET (relay1.UU.NET [192.48.96.5]) by cheetah.llnl.gov
(8.6.4/8.6.4) with SMTP id BAA16967 for <hrb @
cheetah .
llnl .
gov>; Wed, 1 Dec 1993
01:06:48 -0800
From: Firewalls-Digest-Owner @
greatcircle .
com
Received: from mycroft.GreatCircle.COM by relay1.UU.NET with SMTP
(5.61/UUNET-internet-primary) id AA26981; Wed, 1 Dec 93 04:03:09 -0500
Received: by mycroft.GreatCircle.COM (4.1/SMI-4.1/Brent-931103)
id AA26837; Wed, 1 Dec 93 09:00:16 GMT
Received: by mycroft.GreatCircle.COM (4.1/SMI-4.1/Brent-931103)
id AA26821; Wed, 1 Dec 93 01:00:09 PST
Date: Wed, 1 Dec 93 01:00:09 PST
Message-Id: <9312010900 .
AA26821 @
mycroft .
GreatCircle .
COM>
To: Firewalls-Digest @
greatcircle .
com
Subject: Firewalls Digest V2 #259
Reply-To: Firewalls @
greatcircle .
com
Sender: Firewalls-Digest-Owner @
greatcircle .
com
Precedence: bulk
|
|
