On Tue, Jun 26, 2001 at 10:22:05PM -0400, Benjamin Coates wrote: > As long as we have a secure way of negotiating the FCP port and don't rely on > an assumed default port. (it'd be too easy for another local user to listen > on the default port and spoof a FCP password request)
Hmmm, good point. This suggests that a slightly more robust challenge-response approach would be preferable, at the risk of increasing the difficulty of client authorship. With the addition of a secure hashing algorithm to the client (SHA1 anyone?) this can be achieved. The protocol is: 1) Client connects to FCP port on node 2) node sends random string to client 3) client appends random string to plaintext password and hashes result 4) node does same 5) client sends hash to node which compares its hash to the one created by the client, and if they are the same the client is authenticated Perhaps there is an easier hashing algorithm (from an implementation standpoint) that we could use in place of SHA1 which would also be secure. Ian. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20010626/c242bc9b/attachment.pgp>
