On Thu, 3 Apr 1997, Tom Denier wrote:
> > I think you are mistaken. The clear text password never leaves the server
> > or the client. Perhaps someone from ADSM development can jump in here and
> > clearly explain how the negotiation works.
>
> You have missed the point of my note entirely. In some environments the
> password will pass over the network in clear text before the administrative
> client code ever sees it. For example, I interact with the various AIX
> systems at my site by means of an X terminal on my desk. If I open a
> terminal emulator window, execute the dsmadmc command, and respond to
> the password prompt, the X terminal will send information about each
> keystroke I type over the network with no encryptation. Many of my
> co-workers use telnet clients running on PCs to interact with AIX.
> If one of them establishes a telnet session with AIX, executes the
> dsmadmc command, and responds to the password prompt, the telnet
> client will send everything typed over the network with no
> encryptation.
Sorry, I see your point. However, that is not a failing of ADSM, but of
your use of it. We use ssh here, which can encrypt remote X sessions.
Steve (unVMix Systems Programmer/Dude) Roder
(tkssteve AT ubvm.cc.buffalo DOT edu | tkssteve AT acsu.buffalo DOT edu |
(716)645-3564 ,
| http://ubvm.cc.buffalo.edu/~tkssteve)
|