---------------------------------------------------------------
Yohannes Aries Sulistyono email : aries@idola.net.id
Internet Service http://www.idola.net.id/~aries
PT Aplikanusa Lintasarta Phone : +6221-2302345
Menara Thamrin 12th Fl Fax : +6221-2303883
Jl MH Thamrin kav 3 HP : 0811-142838
JAKARTA - 10340
INDONESIA
---------------------------------------------------------------
On Tue, 4 Mar 1997, Robert Hiltibidal wrote:
>
> Actually, if you set the the users file to :
> #
> # This file contains security and configuration information
> # for each user. The first field is the user's name and
> # can be up to 8 characters in length. This is followed (on
> # the same line) with the list of authentication requirements
> # for that user. This can include password, comm server name,
> # comm server port number, and an expiration date of the user's
> # password. When an authentication request is receive from
> # the comm server, these values are tested. A special user named
> # "DEFAULT" can be created (and should be placed at the end of
> # the user file) to specify what to do with users not contained
> # in the user file. A special password of "UNIX" can be specified
> # to notify the authentication server to use UNIX password (/etc/passwd)
> # authentication for this user.
> #
> # Indented (with the tab character) lines following the first
> # line indicate the configuration values to be passed back to
> # the comm server to allow the initiation of a user session.
> # This can include things like the PPP configuration values
> # or the host to log the user onto.
> #
>
> DEFAULT Password = "UNIX"
> User-Service-Type = Framed-User,
> Framed-Protocol = PPP,
> Framed-Address = 255.255.255.254,
> Framed-Netmask = 255.255.255.0,
> Framed-Routing = None,
> Framed-Compression = Van-Jacobsen-TCP-IP,
> Framed-MTU = 1500,
> Idle-Timeout = 1800,
> Session-Timeout = 18000,
> Port-Limit = 1,
>
>
> .....You use the /etc/passwd file and the users file. So for say 20,000
> entries you are using only one entry in your users file. Your passwords
> stay encrypted.
>
> Rob
>
>
>
>
>
> On Tue, 4 Mar 1997, Yohannes A Sulistyono wrote:
>
> > So, do you mean we can not encrypt user password if we use file USERS?
> > Also, which one is better for large amount of user (more than 8000
> > users), file USERS or file /etc/passwd?
> >
> > Thanks in advance and regards,
> > ---------------------------------------------------------------
> > Yohannes Aries Sulistyono email : aries@idola.net.id
> > Internet Service http://www.idola.net.id/~aries
> > PT Aplikanusa Lintasarta Phone : +6221-2302345
> > Menara Thamrin 12th Fl Fax : +6221-2303883
> > Jl MH Thamrin kav 3 HP : 0811-142838
> > JAKARTA - 10340
> > INDONESIA
> > ---------------------------------------------------------------
> >
> > On Tue, 25 Feb 1997, Walter wrote:
> >
> > > I don't like password files that don't have any kind of
> > > encryption, so I'd go for UNIX encrypted passwords.
> > > However, keep in mind that you'll need to update
> > > the /etc/passwd file on your unix system (you'll NEED an unix
> > > system btw) AND you radius "users" file.
> > > Another thing is that Ascend ISDN terminal servers
> > > don't like UNIX passwords.. (AFAIK that's what they told me)
> > >
> > > Keep in mind that you don't give radius callers access on your
> > > unix system.. So make the default shell for every user /bin/false...
> > > Also protect rlogin, ftp, etc etc ... Your system could allow
> > > a valid radius user to login at your machine.
> > > However, some "hacker" or collegue could just copy/print the
> > > radius users file ... Image a few hundred radius accounts public
> > > available :--(
> > >
> > > At 14:08 25-02-97 +0700, you wrote:
> > > >Hi there,
> > > >Can anyonw tell me which file is better for authentication, UNIX file or
> > > >Radius Database file?
> > > >Also, how is about the performance, security, and easy-to-maintain of
> > > >that each file? Because as I look at the Radius database file (filename :
> > > >users), the password is typed as clear text.
> > >
> > >
> > > Greetinx Earthling,
> > > Walter Tak
> > > walter@concepts.nl
> > >
> >
>
> Robert Hiltibidal Tek Frontiers
> Tek Frontiers "Explore the possibilities.."
> System Admin <http://www.tekfront.com>
> morgan@tekfront.com (217)-241-5112
>
> "People justify their computer for
> business and education, but they
> use their computer for FUN. " - Alex St John
>
>