Path: utzoo!utgpu!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!uflorida!haven!adm!smoke!gwyn
From: gwyn@smoke.BRL.MIL (Doug Gwyn )
Newsgroups: comp.unix.wizards
Subject: Re: /etc/shadow
Message-ID: <8924@smoke.BRL.MIL>
Date: 18 Nov 88 04:09:48 GMT
References: <17568@adm.BRL.MIL>
Reply-To: gwyn@brl.arpa (Doug Gwyn (VLD/VMB) )
Organization: Ballistic Research Lab (BRL), APG, MD.
Lines: 19

In article <17568@adm.BRL.MIL> rbj@nav.icst.nbs.gov (Root Boy Jim) writes:
!? From: Doug Gwyn
!? In the above, probably it would be safest to use the encrypted form
!? of a trial password instead of plaintext.  It bothers me that some
!? network protocols send unencrypted passwords over the network.
!Perhaps I don't understand the problem fully, but it seems to me that
!I could just write a client that sends, say, the login name and the
!encrypted password (which I got from reading the password file) over
!the net and masquerade as a legitimate host.  Unless you send the plaintext
!password over the net, you preclude the server from checking the validity
!itself.  And you force all encryption algorithms to be the same.

Yes, never mind the suggestion about encryption.  It doesn't add enough
security to be worth the additional hassle.  Genuinely secure network
verification of users requires FAR more work.

If someone wants to implement user/password verification interfaces
along the lines that I suggested, don't bother with encryption outside
the implementation itself.
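The two server designs the thread compares, as an added example that is not part of the original post or any BRL code: a salted SHA-256 stands in for the crypt(3) hash of the era, and the account, the salt format and the function names are constructed for this illustration.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the "encrypted password" kept in the password
# file: salted SHA-256 in place of crypt(3). The "<salt hex>$<digest hex>"
# layout is an assumption of this example, not something the thread describes.
def encrypt_password(plaintext: str, salt: bytes) -> str:
    digest = hashlib.sha256(salt + plaintext.encode()).hexdigest()
    return salt.hex() + "$" + digest

def make_entry(login: str, plaintext: str) -> dict:
    """Build one password-file entry for a constructed sample account."""
    return {"login": login, "encrypted": encrypt_password(plaintext, os.urandom(8))}

# Variant A, the suggestion the thread withdraws: the client sends the
# encrypted form and the server only compares it with the stored value.
# Anything readable from the password file is therefore itself a credential.
def server_accepts_encrypted(entry: dict, presented: str) -> bool:
    return hmac.compare_digest(entry["encrypted"], presented)

# Variant B, what the reply argues for: the client sends the plaintext and the
# server re-encrypts it under the stored salt. A copy of the file entry is not
# the password, so it does not verify; the server also picks the algorithm,
# so clients need not all agree on one.
def server_verifies_plaintext(entry: dict, presented_plaintext: str) -> bool:
    salt = bytes.fromhex(entry["encrypted"].split("$", 1)[0])
    expected = encrypt_password(presented_plaintext, salt)
    return hmac.compare_digest(entry["encrypted"], expected)

def demo() -> dict:
    """Run both variants against a constructed account and a copied file entry."""
    entry = make_entry("rbj", "correct horse")   # constructed account
    copied_entry = entry["encrypted"]            # what a reader of the file holds
    return {
        "A_copied_entry_verifies": server_accepts_encrypted(entry, copied_entry),
        "B_copied_entry_verifies": server_verifies_plaintext(entry, copied_entry),
        "B_real_password_verifies": server_verifies_plaintext(entry, "correct horse"),
        "B_wrong_password_verifies": server_verifies_plaintext(entry, "wrong"),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Only the first key comes back True under variant A, which is the masquerade Root Boy Jim describes; under variant B the copied entry fails and only the real password verifies.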