11-06-2010
Was this requirement forced down your throat by crazed management? I've heard 'security' used as an excuse for the complete and total lack of it far too many times; storing passwords in plaintext form is a very bad idea. It's extremely hard to protect them.
If you absolutely have to, the 'expect' tool may help you, but it's a kludge.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Can we write a script to telnet to a unix server from unix with the username and password hardcoded in the script??
something like ssh a@b -p password ??? (5 Replies)
Discussion started by: roshanjain2
5 Replies
2. UNIX for Dummies Questions & Answers
hi all,
i run sqlplus command on unix(HP-UX)
like "sqlplus username/password@serverA @deneme.sql"
but when someone run "ps -ef | grep sqlplus", it can see my username and password :(
How can i hide username and password.
thanx. (1 Reply)
Discussion started by: temhem
1 Replies
3. UNIX for Advanced & Expert Users
Hi ,
I have an issue with sftp username as i have @ character in the username.
eg: username=abc@123
when i do as below,
sftp abc@123@servername # Its taking only 123@servername .
Also, i tried following options,
sftp abc\@123@servername
sftp 'abc\@123'@servername
Please... (2 Replies)
Discussion started by: mohanpadamata
2 Replies
4. Shell Programming and Scripting
Hi All,
Good morning !!
I have to connect to a sftp server using following details,
1) username contains "@" as part of it. eg: xyz@abc@servername
2) We have to use password to connect to the server.
Could you please advise the solution for this?
Thanks in advance
Regards,
Mohan (1 Reply)
Discussion started by: mohanpadamata
1 Replies
5. Shell Programming and Scripting
Hi
I am new to using unix and am struggling with a script i am writing. What i am trying to do is get a user to enter a username, check the original file i created with username and pin to see if their is a corresponding entry. Next ask the user to enter the pin and see if this matches... (5 Replies)
Discussion started by: somersetdan
5 Replies
6. Red Hat
Hello,
I have a weird issue, I have RHEL 5.7 running with openssh5.2 where sftpgroup OS group is chroot. I see the difference difference in timestamp on files, when I login via ssh and SFTP, I see four hour difference, is something missing in my configuration.
#pwd... (8 Replies)
Discussion started by: bobby320
8 Replies
7. UNIX for Dummies Questions & Answers
Hi, everyone, I am trying to write a script to login automatically using username and password to an sftp server (the key authentication has been disabled so I cannot use that method).
I tried to search online for a solution and found a way using "expect" but my boss does not want me to use... (4 Replies)
Discussion started by: warmboy610
4 Replies
8. Shell Programming and Scripting
Hi,
I am using public key authentication for login into a remote sftp server (password less login).
so i have set up a password less login according to this link . i have copied the content of my .pub file to remote server's authorized_keys2 file.
i want to find out whether my .pub file... (2 Replies)
Discussion started by: Little
2 Replies
9. UNIX for Advanced & Expert Users
Hi All,
I have an SFTP server where there are user id's created for vendors and given only SFTP access for them (eg: given below)
jim.tran:x:10040:10008:abc.def@ghi.com:/dropbox:/bin/false
They cannot login to the server via SSH and can only do an SFTP. These users are set up as jailed... (1 Reply)
Discussion started by: nathsaba
1 Replies
10. Windows & DOS: Issues & Discussions
Hi all,
For one of our server (Windows 2008R2), we sometimes will received "login failed username password is incorrect" when login in as domain account (the username & password is correct).
Only after a reboot of the server (using local account), we can login without the above error.
Can... (2 Replies)
Discussion started by: beginningDBA
2 Replies
LEARN ABOUT DEBIAN
popa3d
POPA3D(8) System Administration POPA3D(8)
NAME
popa3d - Post Office Protocol (POP3) server
SYNOPSIS
popa3d [-D] [-V]
DESCRIPTION
popa3d is a Post Office Protocol version 3 (POP3) server.
A POP3 server operates on local mailboxes on behalf of its remote users. Users can connect at any time to check their mailbox and fetch
the mail that has accumulated. The advantage of this "pull" approach is that any user with a simple POP3-capable mail reader program can
receive mail, eschewing the need for a full-fledged Mail Transfer Agent (MTA) and a permanent network connection.
Note that POP3 can only be used to retrieve mail, not to send it. To send mail, the SMTP protocol is commonly used.
For access to a mailbox through POP3, the username must be in the password database. Additionally, popa3d does not permit null passwords
and will refuse to serve mail for root (UID 0) users.
OPTIONS
-D Standalone server mode. In this mode, popa3d will become a daemon, accepting connections on the pop3 port (110/tcp) and forking
child processes to handle them. This has lower overhead than starting popa3d from an inetd equivalent (which popa3d assumes by
default) and is thus useful on busy servers to reduce load. In this mode popa3d also does quite a few checks to significantly
reduce the impact of connection flood attacks.
-V Print version information and exit.
COMMANDS
A normal POP3 session progresses through three states: AUTHORIZATION, TRANSACTION, and UPDATE.
After the TCP connection opens, the client must authenticate itself to the server during the AUTHORIZATION state. The following commands
are supported in the AUTHORIZATION state (all command names are case-insensitive).
USER name
Authenticate as user name.
PASS string
Authenticate using password string.
QUIT Quit; do not enter UPDATE state.
When authorization is successful, the server enters the TRANSACTION state. The client can now list and retrieve messages or mark messages
for deletion. The following commands are supported in the TRANSACTION state.
DELE msg
Mark message for deletion.
LAST Show highest message number accessed (obsolete).
LIST [msg]
List message number and size.
NOOP Do nothing.
QUIT Quit; enter UPDATE state.
RETR msg
Retrieve message.
RSET Clear deletion marks.
STAT Return total number of messages and total size.
TOP msg n
Show top n lines of message body.
UIDL [msg]
List message number and digest.
When the client issues the QUIT command in the TRANSACTION state, the server enters the UPDATE state. All messages that were marked for
deletion are now removed. The server then closes the connection.
BUGS
POP3 transmits passwords in plaintext and thus, if you care about the security of your individual user accounts, should only be used either
in trusted networks or tunneled over encrypted channels.
There exist extensions to the protocol that are supposed to fix this problem. popa3d does not support them yet, partly because this isn't
going to fully fix the problem. In fact, APOP and the weaker defined SASL mechanisms such as CRAM-MD5 may potentially be even less secure
than transmission of plaintext passwords because of the requirement that plaintext equivalents be stored on the server.
AUTHORS
Solar Designer <solar at openwall.com>
This manual page is based heavily on the one Camiel Dobbelaar wrote for OpenBSD.
SEE ALSO
Official Internet Protocol Standard STD 53, also known as RFC 1939.
http://www.openwall.com/popa3d/
Openwall Project 2 March 2003 POPA3D(8)