[vpsFree.cz: community-list] vpsAdmin delka root hesla

Tomas Volf volf.tomas at gmail.com
Fri Feb 10 14:10:43 CET 2012


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aha... chapu no.

Ale aspon napsat k tomu by to chtelo :) Neco jako "pouzijte pro prvni
nastaveni/v pripade zapomenuti a heslo co nejdrive zmente pres passwd" nebo
tak neco :)

On Fri, 10 Feb 2012 13:33:36 +0100
Pavel Snajdr <snajpa at snajpa.net> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> Nelibit se ti to muze, ale to je asi tak vsechno :)
> 
> V podstate nemam jinou moznost, musi to tam bejt v nejaky podobe a ta
> podoba musi bejt rozsifrovatelna - protoze se to uklada ve forme
> transakci, ktery si pak vyzvedava backend, a ten aby to heslo mohl
> zmenit ho musi dostat v plaintextu.
> 
> Musel bych leda zpetne ty transakce mazat (nepripada v uvahu), nebo je
> cenzurovat po nastaveni - coz stejne falesnej pocit bezpeci.
> 
> Pravda je, ze bych to tam mohl nekde vyznacit, aby to bylo obvious.
> 
> Pavel Snajdr
> 
> +420 720 107 791
> 
> http://vpsfree.cz
> 
> On 02/10/2012 01:34 PM, Tomas Volf wrote:
> > Ahoj,
> > muj puvodni dotaz spis smeroval smerem "proc vyzaduje alespon 5 znaku, proc
> > nenechat zabezpeceni na uzivateli".
> > 
> > Hm, proc se to heslo vlastne uklada? A kdyz uz sme u toho, tak proc v
> > plaintextu?
> > 
> > Musim priznat, ze tohle se mi moc nelibi...
> > 
> > On Fri, 10 Feb 2012 13:26:58 +0100
> > Pavel Snajdr <snajpa at snajpa.net> wrote:
> > 
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA256
> > 
> >> Ahoj,
> > 
> >> urcite nechci, aby vpsAdmin umoznoval ulozeni dlouhych hesel, protoze to
> >> heslo je pak v plaintextu v databazi vpsAdminu.
> > 
> >> To ma bejt hlavne na to, aby ses dostal do VPS poprvy, nebo kdyz
> >> zapomenes heslo.
> > 
> >> Pavel Snajdr
> > 
> >> +420 720 107 791
> > 
> >> http://vpsfree.cz
> > 
> >> On 02/10/2012 11:30 AM, Tomas Volf wrote:
> >>> Ahoj,
> >>> jenom takova myslenka... vpsAdmin vynucuje delka hesla pro roota 5 a vice
> >>> znaku... Mne osobne se nelibi "vynucena" bezpecnost :) Jenom mne zajima
> >>> nazor ostatnich na tohle tema...
> >>>
> >>> PS: jo, vim, pres passwd jde heslo roota zmenit klidne na jeden znak :)
> >>> Tim spis jestli dava smysl neco vynucovat ve vpsAdminovi...
> >>>
> >>>
> >>>
> >>> _______________________________________________
> >>> Community-list mailing list
> >>> Community-list at lists.vpsfree.cz
> >>> http://lists.vpsfree.cz/listinfo/community-list
> >> 
> 
> _______________________________________________
> Community-list mailing list
> Community-list at lists.vpsfree.cz
> http://lists.vpsfree.cz/listinfo/community-list
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
> 
> iF4EAREIAAYFAk81DqAACgkQdh+64ds5DaZv1QEAuMJ6UyaPf3yWHB14FZiPx0xZ
> QsdmX0Q0v5yDQsCOoKEA/1J+jgDPlihVMBOtS/Zc2B7BMYVOZcTsXa6S8cspzqsn
> =5omd
> -----END PGP SIGNATURE-----
> _______________________________________________
> Community-list mailing list
> Community-list at lists.vpsfree.cz
> http://lists.vpsfree.cz/listinfo/community-list
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJPNRdTAAoJEID0iULc54suaI4P/24BvpHwU1l0aac2q/rU2j0X
6GYPosq0RQfyWtjd5afOJNZvzugPoE0VnkeVip7PxHWalVKgzEkddKF1biw2xZG2
3suetfMBGyzivSIgBKgImNiUz6RqDE2jHHLBwnBUu2ahv7aHdl4+gT4ppkWQAORL
z2v2HH3ae6A6IZfhmeuGzdDyXhFozlgHx+lTfiJQ8wM8QZs920RuMSAbxSKXQUSy
nF66aVuHMClLbtv3N2l0iHGCzK2LvtUqQZIAgWhD4zV2a0cGwxB/TBdLig08v0b1
v2gZMOn7haRboWwjVz3RIrjNXe4QTdU1d1VxqqPBYmM5xY4O4+lalltoLQqrc3DR
Dsh593IgCScTJ0A+UbzYMANu4xEHT9nQutqJqCVrLv6JS9H5mK+iUq7/9xin8+J8
IMJb8MyMpJ4rn8TiSxnUnhXd39JqRETSIDzMnXtAAD8lXas3FPrfoh8Ss7BXQh1s
o92WNmrWfVSOyi4lCbvP6gHyKD3vKxSYvTqg2NeElXSNYgiCwZ7+DfEbhrkeyfm6
AbczqkbhaOFEHrmFjvsDW75Fs5OsNjNV1oWruUIxyxZIMB0tP2vkMMxAJLRnbdKk
zk81Y1Nfg2/AHnqza40QDLPVDrmxr43TEk8dT+506IWnORurfENDjayvy7hZsCng
T6lPTcIwP3BVMh+AmfQ7
=Lwfm
-----END PGP SIGNATURE-----


More information about the Community-list mailing list