[cvsnt] Re: pserver encryption?
Tony Hoyle
tmh at nodomain.org
Fri Mar 5 16:37:01 GMT 2004
On Fri, 5 Mar 2004 10:29:23 -0600, "Tyler Theobald"
<tyler.theobald.junk at cox.net> wrote:
>Is there absolutely no way to have pserver authentication encrypted in
>within a LAN? The encryption field in the CVSNT control panel doesn't help
>at all?
>I'd really like to use domain accounts instead of local accounts, but can't
>if passwords are sent clear text.
>
You could use sserver - which is essentially SSL encrypted pserver, or
SSPI of course.
There's also gserver, which can be a pain to get working but is very
secure.
pserver is an inherently insecure protocol unfortunately... It's not
expandable either so you can't put in extensions to enable encryption
or make the passwords vaguely secure.
If you're stuck with pserver the only option is to make sure the
pserver passwords are different to the domain passwords so you're not
risking the domain security.
Tony
More information about the cvsnt
mailing list