 |
 |
Doug Nelson wrote: >>My concern is about plain text passwords. I believe this means that >>passwords are passed as plain text like with ftp. >> >>If I am not mistaken, I don't think this is a good thing in that someone can >>sniff the packets and figure out a password that is passed for >>authentication in this manner. >> >>Do the network security people think this should be a matter of concern... >>ie would they use it on their own boxes? >> >> > >Yes, it's a concern, and I do avoid the use of FTP if at all possible. My >personal approach is to use "scp" (related to "ssh" and "slogin"). This >requires an account on a UNIX system with AFS access; I don't know if there >is a system where this is provided as a general service. > >Doug > > >Doug Nelson [log in to unmask] >Network Manager Ph: (517) 353-2980 >Computer Laboratory http://www.msu.edu/~nelson/ >Michigan State University > > > Wasn't the ASF space scheduled to be retired with the old mail system and be replaced by something more secure? Some thing that could require encrypted passwords or even better secure connections. After all sftp is free for the university. Uwe Rossbach