[svlug] SSH password question

Yani Copas yani at etoys.com
Sun Nov 8 14:17:47 PST 1998


Hans Cathcart wrote:
> 
> Hi,
> I'm using SSH to log into my servers, but I'm also using POP to check my
> mail. Since both SSH and POP look at the /etc/passwd file, I see a security
> problem. If someone traps my POP session password, which is not encrypted,
> they can then log in through SSH. Is there an easy, straight-forward way of
> having different passwords?

Our pop server is running qmail and the passwords are stored in the mail
account setup area - not in /etc/passwd at all.  (I'm not sure if this
is safer, because they're stored plaintext.)  

Yani

--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe



More information about the svlug mailing list