[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: secure terminals?



> From: "Michael K. Johnson" <johnsonm@redhat.com>
> Subject: Re: secure terminals? 
> Date: Tue, 02 Jul 1996 14:44:41 -0400

> But account management is done after authentication, and we want to
> prevent authentication from being done over insecure channels.  Since
> what we want to do is prevent authentication from being done with
> authentication systems that are not secure over clear channels, it
> seems to me that this is an authentication issue, not an account
> management issue, and it should be done by the authentication functions.

I would agree with Michael on this issue.  Part of authentication
should be verifying that the user is coming from an authorized port.
For regular users, that might be "only a system on this LAN", or "only
dial-in ports through this terminal server", or something the like; for
the super-user ("root") login, it should be something more restrictive.

> Sorry to hear about your immigration problems.  Good luck resolving
> them.

Absolutely agreed.  Anything any of us can do?  (Anybody work in INS?)

Joe Yao				jsdy@cais.com - Joseph S. D. Yao



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []