[BLUG] A Couple Questions
Mark Krenz
blug_at_mailman.cs.indiana.edu
Wed, 31 Jan 2007 16:58:55 +0000
Well it really depends on what it is for. If you are storing
passwords for a website or email server or something then that works
fine. The fact that md5 hashes are one way and used to store passwords
is an important principle in system administration. The system
administrator or other people with access shouldn't be able to decrypt
it. Since people often use one password for many different services and
companies, its good to have some degree of secrecy of common information
you use.
On Wed, Jan 31, 2007 at 04:46:20PM GMT, Joe Auty [joe_at_netmusician.org] said the following:
> Hey Mark,
>
> What do you think about storing an md5 password hash in a database?
> One disadvantage of doing this seems to be that there is no way to
> convert the hash back to plaintext, but you can do comparisons
> against it.
>
>
> On Jan 31, 2007, at 9:20 AM, Mark Krenz wrote:
>
> >
> > You need to read this:
> >
> >http://www.suso.org/docs/databases/saferdbpasswords.sdf
> >
> > I came up with this method years ago and it works well. You
> >don't even
> >need to be a hosting provider to use it. Keeping the password in a
> >seperate file and protecting that file works well for a variety of
> >reasons.
> >
> > I've thought about making an RFC for it at times, but somehow that
> >seems scary. Plus I need more professional feedback on the method.
> >
> >Mark
> >
> >On Wed, Jan 31, 2007 at 01:54:45PM GMT, Simon Ruiz
> >[sruiz_at_mccsc.edu] said the following:
> >>RE: SCP or WGET
> >>I'm thinking if I ever need to put passwords (or anything "secret"
> >>really) inline in a script using wget wouldn't be all that secure
> >>compared to scp...but, then, I suppose I could have the first
> >>script pull another script through scp for that specific usecase I
> >>suppose...is the overhead of scp all that much, really? Or is
> >>there another reason for wget that I'm unaware of?
> >>
> >>RE: CSV or SQL
> >>I was thinking plaintext because I don't relish the personal
> >>overhead of learning my way around SQL (everything I've been doing
> >>on our Linux workstations lately has felt like "Oh, ok, you want
> >>to do X? Well, it's simple as long as you understand Y, Z, P and
> >>Q." Compiling SystemImager has been giving me headaches...),
> >>whereas I already know how to parse a plaintext file in bash.
> >>Also, it could be edited using basic office tools already
> >>available on all workstations (very important that my boss be able
> >>to work with it, in the event of my departure...assuming Excel can
> >>save a csv plaintext file without bungling up the end-line
> >>characters...Calc should be able to...need to check on this...).
> >>
> >>On the other hand, it might be a lot simpler than I'm imagining to
> >>use SQL.
> >>
> >>Thanks for your response!
> >>
> >>Sim?n
> >>
> >>________________________________
> >>
> >>From: blug-admin_at_cs.indiana.edu on behalf of Gaddis, Jeremy L.
> >>Sent: Tue 1/30/2007 3:04 PM
> >>To: blug_at_cs.indiana.edu
> >>Subject: Re: [BLUG] A Couple Questions
> >>
> >>
> >>
> >>Put your script on a webserver and use wget instead. Also, use
> >>SQL for storing your configurations (instead of a file) and
> >>configure the script to pull the options from there based upon
> >>hostname or MAC. That's how I'd probably do it, unless there's
> >>issues I'm not aware of.
> >>
> >>-j
> >>
> >>
> >>--
> >>Jeremy L. Gaddis
> >>Network Administrator
> >>812.330.6156 (w) 812.391.0358 (m)
> >>
> >>
> >>_______________________________________________
> >>BLUG mailing list
> >>BLUG_at_linuxfan.com
> >>http://mailman.cs.indiana.edu/mailman/listinfo/blug
> >>
> >
> >--
> >Mark Krenz
> >Bloomington Linux Users Group
> >http://www.bloomingtonlinux.org/
> >_______________________________________________
> >BLUG mailing list
> >BLUG_at_linuxfan.com
> >http://mailman.cs.indiana.edu/mailman/listinfo/blug
>
> _______________________________________________
> BLUG mailing list
> BLUG_at_linuxfan.com
> http://mailman.cs.indiana.edu/mailman/listinfo/blug
>
--
Mark Krenz
Bloomington Linux Users Group
http://www.bloomingtonlinux.org/