12-16-2014
Quote:
Originally Posted by
jim mcnamara
Regarding keys -- When not in use (ie standing somewhere) the half-keys should be encrypted - both on the user side and the system side. Otherwise they are sitting ducks.
How does one avoid the rube goldberg problem, though? That being, extra encryption/decryption steps where the server knows its own key gains nothing but extra heat and wasted time.
Quote:
Whenever someone cracks your code for the key encryption algorithm, then they win. Period.
How so? Knowing the algorithm won't get them the keys.
Quote:
Unless forward perfect secrecy is mandated take a value-based approach.
I'm not storing financial information, it's more of an admin tool.
Quote:
If somebody can reverse engineer code, or get your source easily, then most things you can do are pointless.
Again, how? Knowing the algorithm does not hand them the keys -- it tells them what they need to steal, but does not give them access.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am running unix 11.xxx....How do you change a user password. The previous vs was passwd at the command prompt. This no longer works. Thanks for the help (3 Replies)
Discussion started by: turner.rd
3 Replies
2. Shell Programming and Scripting
Is there a way not to display the password in the sys out when your korn shell script logs into sqlplus? (3 Replies)
Discussion started by: lesstjm
3 Replies
3. UNIX for Dummies Questions & Answers
Hope I'm in the right place to ask this.
... and I'm a total noob by the way.
When changing an account password through telnet, everything seems fine. I can telnet back in afterward, but if I try to use sqlplus to get in it tells me password invalid. If I try to get in through sqlplus with the... (1 Reply)
Discussion started by: tazman4
1 Replies
4. AIX
I want to store a password of a user in a encrypted format and the use that encrypted password in my shell scripting. can any one of you let me know how to do it.
Thanks in advance (0 Replies)
Discussion started by: kalpana.anuga
0 Replies
5. UNIX for Advanced & Expert Users
How the unix is maintaining the password ?
How it does the encryption and how the passwords are stored in the system and where it is stored ?
How it is better when compared to other OS ? (1 Reply)
Discussion started by: nagalenoj
1 Replies
6. OS X (Apple)
Can anyone tell me how to set up ssh and keychain so when I connect to the remote system it uses keychain for the password or public key? The remote system is FreeBSD 8.0. Do I need to setup anything else on that end?
Cheers. (0 Replies)
Discussion started by: Haggardly
0 Replies
7. Shell Programming and Scripting
Dear all,
I need to automate/script a user password change process. I'm helpless cannot use expect since it's not installed and cannot install it either. Do i have an alternative. I can store the password in a file and that would be the password that would be set to all the users. If not i don't... (1 Reply)
Discussion started by: earlysame55
1 Replies
8. UNIX for Advanced & Expert Users
I've been using various versions of UNIX and Linux since 1993, and I've never run across one that showed your password as you type it in when you log in, or one that stored passwords in plain text rather than encrypted. I'm writing a script for work for a security audit, and two of the... (5 Replies)
Discussion started by: Anne Neville
5 Replies
9. HP-UX
version 11.22
1 - In this version there is the shadow file by default?. If so why when I search the file I get "No / etc / shadow file found"?
2 - What does the "*" in etc / password? at the beginning of each password? (1 Reply)
Discussion started by: shinju15
1 Replies
LEARN ABOUT DEBIAN
page_util_quote
page_util_quote(3tcl) Parser generator tools page_util_quote(3tcl)
__________________________________________________________________________________________________________________________________________________
NAME
page_util_quote - page character quoting utilities
SYNOPSIS
package require page::util::quote ?0.1?
package require snit
::page::util::quote::unquote char
::page::util::quote::quote'tcl char
::page::util::quote::quote'tclstr char
::page::util::quote::quote'tclcom char
_________________________________________________________________
DESCRIPTION
This package provides a few utility commands to convert characters into various forms.
API
::page::util::quote::unquote char
A character, as stored in an abstract syntax tree by a PEG processor (See the packages grammar::peg::interpreter, grammar::me, and
their relations), i.e. in some quoted form, is converted into the equivalent Tcl character. The character is returned as the result
of the command.
::page::util::quote::quote'tcl char
This command takes a Tcl character (internal representation) and converts it into a string which is accepted by the Tcl parser, will
regenerate the character in question and is 7bit ASCII. The string is returned as the result of this command.
::page::util::quote::quote'tclstr char
This command takes a Tcl character (internal representation) and converts it into a string which is accepted by the Tcl parser and
will generate a human readable representation of the character in question. The string is returned as the result of this command.
The string does not use any unprintable characters. It may use backslash-quoting. High UTF characters are quoted to avoid problems
with the still prevalent ascii terminals. It is assumed that the string will be used in a double-quoted environment.
::page::util::quote::quote'tclcom char
This command takes a Tcl character (internal representation) and converts it into a string which is accepted by the Tcl parser when
used within a Tcl comment. The string is returned as the result of this command.
BUGS, IDEAS, FEEDBACK
This document, will undoubtedly contain bugs and other problems. Please report such in the category page of the Tcllib SF Trackers
[http://sourceforge.net/tracker/?group_id=12883]. Please also report any ideas for enhancements you may have.
KEYWORDS
page, parser generator, quoting, text processing
CATEGORY
Page Parser Generator
COPYRIGHT
Copyright (c) 2007 Andreas Kupries <andreas_kupries@users.sourceforge.net>
page 1.0 page_util_quote(3tcl)