Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!rutgers!ames!ucbcad!ucbvax!INFOODS.MIT.EDU!KLENSIN
From: KLENSIN@INFOODS.MIT.EDU (John C Klensin)
Newsgroups: mod.computers.vax
Subject: RE:   Excelan TCP/IP
Message-ID: <870120140643.0000012A031@INFOODS.MIT.EDU>
Date: Tue, 20-Jan-87 14:06:43 EST
Article-I.D.: INFOODS.870120140643.0000012A031
Posted: Tue Jan 20 14:06:43 1987
Date-Received: Wed, 21-Jan-87 04:15:55 EST
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: Klensin@MIT-MULTICS.ARPA
Organization: The ARPA Internet
Lines: 20
Approved: info-vax@sri-kl.arpa

Hmm.  Bless their hearts, two problems, same symptom.  We are not trying
to get to the thing from UNIX, or anything else that is broken or
otherwise severely damaged.  And our difficulties showed up even with
very short passwords. 

So, I guess the moral is:
 1) User must have network authorization.
 2) If user passwords are longish, make sure the user system is doing
the right thing (or trick it into doing so). 

The latter problem, incidentally, is easily checked with the Excelan
software. To detect, turn on debugging in SERVER.DAT for FTP (use the
-d -l options) and see if the passwords are coming through correctly 
into the system log. To paraphrase Excelan, be careful about using this 
because it doesn't do wonderful things for system security.

Some of these little hints, incidentally, are buried in the "Network 
Administration and Security Notes" document, not in the reference 
manual.
    John Klensin, MIT