At 9:32 AM +1000 8/9/06, Antony Mawer wrote:
What if we improved upon this - if instead of storing
the hostname and IP address, we stored a one-way hash
of this information? OpenSSH in recent versions takes
the same approach with its authorized_keys files...
A scattered list of ideas:
It might be useful to keep part of the domain-name
in plain-text. Just a minimal part, such as '.edu'
or '.co.uk'. So that would be one value sent/saved.
Then have an MD5 hash of `hostname` (hashing the full
hostname, including full domain), or maybe a hash of
the output from: hostname ; ifconfig | grep ether
Eg: hostname ; ifconfig | grep ether
(this machine has two ethernet cards in it, and no,
those are not the real MAC addresses of the cards... :-)
==> (hostname ; ifconfig | grep ether) | md5
Maybe combine that with the partial-domain, to get
Further, whatever value you decide to use to create a
unique value, you could just save that value away in
some file under /var/db . If the file does not exist,
then create it and store the probably-unique value.
That way you can pick some algorithm which should
produce a unique result, and not worry if the value
of that algorithm might change (on a single machine)
over time. You'll only calculate it once, and then
keep using that result.
Garance Alistair Drosehn = [EMAIL PROTECTED]
Senior Systems Programmer or [EMAIL PROTECTED]
Rensselaer Polytechnic Institute; Troy, NY; USA
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"