Re: (RADIUS) UUCP (fwd)

Stefan Hudson (hudson@mbay.net)
Fri, 24 Apr 1998 14:25:53 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Toomas Losin: "Re: (RADIUS) UUCP (fwd)"
Previous message: Thomas Tsai: "(RADIUS) Cistron - "checkrad.pl""
In reply to: Josh Richards: "Re: (RADIUS) PMConsole problem"
Next in thread: Toomas Losin: "Re: (RADIUS) UUCP (fwd)"

On Fri, Apr 24, 1998 at 01:35:17PM -0700, MegaZone wrote:
> Once upon a time Stefan Hudson shaped the electrons to say...
> >I use a simple, no-password RADIUS entry like this:
> >
> ># UUCP login
> >uucp Password = ""
>
> Note that the fact that this works is a *bug* and will be fixed. Blank
> passwords should not be valid under RADIUS, it is a security hole.

Why is it a bug? I'm deliberatly specifying a null string as a password...
it's doing exactly what I'm telling it to. To me, a bug is something that
doesn't do what is expected for a given input.

And if it is a "bug", how should I intentionally specify no password?
The authentication is handled elsewhere... I'd prefer not even having a
password: prompt at all, but that's kindof required for the way RADIUS
works.

-- 
     /// Stefan Hudson <hudson@mbay.net>  
__  /// Senior Network Administrator - Monterey Bay Internet
\\\/// http://www.mbay.net/  -  Email: info@mbay.net
 \XX/ Voice: 408-642-6100  Fax: 408-642-6101  Modem: 408-642-6102
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-radius' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

Next message: Toomas Losin: "Re: (RADIUS) UUCP (fwd)"
Previous message: Thomas Tsai: "(RADIUS) Cistron - "checkrad.pl""
In reply to: Josh Richards: "Re: (RADIUS) PMConsole problem"
Next in thread: Toomas Losin: "Re: (RADIUS) UUCP (fwd)"