> My concern is about plain text passwords. I believe this means that
> passwords are passed as plain text like with ftp.
>
> If I am not mistaken, I don't think this is a good thing in that someone can
> sniff the packets and figure out a password that is passed for
> authentication in this manner.
>
> Do the network security people think this should be a matter of concern...
> ie would they use it on their own boxes?
Yes, it's a concern, and I do avoid the use of FTP if at all possible. My
personal approach is to use "scp" (related to "ssh" and "slogin"). This
requires an account on a UNIX system with AFS access; I don't know if there
is a system where this is provided as a general service.
Doug
Doug Nelson [log in to unmask]
Network Manager Ph: (517) 353-2980
Computer Laboratory http://www.msu.edu/~nelson/
Michigan State University
|