The ADSM password is not sent in the clear.

Barry Fruchtman
ADSM Development


On Thu, 3 Jul 1997, Joe Morris wrote:

> On Thu, 19 Jun 1997, Kent L. Johnson wrote:
>
> | We have some people at our university who are hesitant to use ADSM because 
> of
> | security reasons.  I believe that they are concerned of the possiblity that
> | ethically-challenged people may sniff networks, intercept the backup data,
> | and recreate files containing sensitive data.
>
> We're concerend about this issue as well.  Our main concern is the desire
> to place our Kerberos servers on ADSM.  Placing that data over the network
> is not attractive.  My main concern is hackers grabbing the node password
> at the beginning of a session.  If they have that, then they have access
> to all of the data from the ADSM server.  This is assuming the password is
> sent in the clear.
>
> One solution I'm looking at is using ssh.  Whereas, I setup a secure ssh
> connection from the client to the server and setup a special port to
> redirect port 1500 over that same connection.  Now all information
> (password and data) is encrypted.  Very little overhead with this so far.
> Still working out the minor details of setting-up the connection for a
> batch job and such.  As long as you are using TCP/IP, the ssh solution
> should work for most people.
>
> _______________________________________________________________
> Joe Morris  -  morris AT unc DOT edu  -  http://sunsite.unc.edu/morris
> Academic Technology and Networks (formerly OIT), Development
> University of North Carolina at Chapel Hill
>