From: Daniele G. <dgi...@sy...> - 2002-01-31 12:00:04
|
Well, you may store as for webmin user password that are encrypted in /miniserv.users Also we may apply MD5 format. Thanks for kindly collaboration! Daniele Jamie Cameron wrote: > Daniele Gianetti wrote: > > > > Hi! > > I'm searching about connections between Webmin servers: I have > > registered a new > > server and set "Login via Webmin with username" adding user and > > password. > > Problem is that user and password are saved no encrypted on the file > > "etc/servers/1012381728.serv" > > and this of course is a security problem: how can I avoid the password > > to be written > > not encrypted ? > > One more information: I have set to use SSL. > > Thanks in advance! > > There isn't really any way to avoid storing the password, as it needs > to be sent in plain-text to the remote webmin server. Even if it was > encrypted, the decryption key would have to be somewhere and so there > wouldn't be any real gain in security .. One way encryption (of the > kind used in /etc/shadow) is not possible. > > - Jamie > > - > Forwarded by the Webmin development list at web...@we... > To remove yourself from this list, go to > http://lists.sourceforge.net/lists/listinfo/webadmin-devel |