On May 24, 2005, at 10:33 AM, Jima wrote:

> On Tue, 24 May 2005, steve ulrich wrote:
>
>> hmm - i have the same password on possibly thousands of boxes. i'll
>> have to get the NIS+ admins on that pronto.
>>
>
> And if someone managed to get root on one of those NIS+-managed
> machines, they'd be able to get to your encrypted password, right? Right?
> Slightly different subject, IMO.

True, a slightly different topic. But if root has been compromised you
have larger issues than were alluded to in the previous email. It's
trivial for someone to replace the NSS infrastructure on a system, and
they don't even have to get their mitts on encrypted passwords: just
sniff the cleartext and proxy the auth request.

Getting back to the practicality vs. security tradeoffs, I would argue
that forcing someone to have N passwords to interact with N+M (where
M >= 0 and N > 1) machines does nothing to improve security either.
Hence holding up 400-odd machines with user accounts having the same
password as some great security risk is fallacious at best. If you want
to secure that problem, use some N-factor authentication mechanism
(read: OTP). But that's somewhat orthogonal to this discussion.

-- 
steve ulrich                                   sulrich at botwerks.org
PGP: 8D0B 0EE9 E700 A6CF ABA7 AE5F 4FD4 07C9 133B FAFC