Wednesday, June 25, 2003, 12:27:17 AM, Alan wrote: > [EMAIL PROTECTED] wrote: >> I agree, Alan. this is no difference when somebody have FULL access to files. >> I just want to hide password from casual observer who can see for a moment >> this file. It's like qualcomm popper saves passwords in gdb-file. >> passwords are just xor'ed there.
> That's nonsense. It slows down the casual observer for 10 seconds. >> It's no matter - RC4 or elementary XOR. >> Even 'QWxhbg' (base64 without '=' padding) looks less readable then 'Alan' ;) > And it's exactly the same, from a security standpoint. You can not to remember "YWJyYWNhZGFicmE=" for 10 seconds to decode this latter, but "abracadabra" can ;) I understand, that it's no matter how to keep plain password - encoded or not, but CASUAL OBSERVER can't remember encoded password while looks on monitor. >> Now i know how to load crypted password - i need use other attribute >> for this. After decryption perl have to add User-Password attribute to >> Check-Items. It works. > So create a new attribute. You've got access to the dictionary files. I did. Mike - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
