passwordless saceserver? (for scripted access)

Ed Griffiths edgrif at sanger.ac.uk
Mon Sep 10 03:17:31 EST 2001


Jean,


> I do not understand the password business
> are you sending a fixed same password each time ?
> 
> the whole idea in acedb 4.7 is that the user has to provide
> a key encrypted differently each time and security comes from
> the fact that the user must gain access to some nfs disk to
> know the key
> 
> i agree that forcing nfs access was annoying
> but i thought you had a way to prevent listening to the
> password by a one time encription sytem
> 
> is that not so ?

What is sent to the server across the wire _is_ different every time, what we
were discussing here is simply the userid/passwd hash which does not include the
extra hash required to make sure that each logon is different.

salut, Ed

 ------------------------------------------------------------------------
| Ed Griffiths, Acedb development, Informatics Group,                    |
|               The Sanger Centre, Wellcome Trust Genome Campus,         |
|               Hinxton, Cambridge CB10 1SA, UK                          |
|                                                                        |
| email: edgrif at sanger.ac.uk  Tel: +44-1223-494780  Fax: +44-1223-494919 |
 ------------------------------------------------------------------------





More information about the Acedb mailing list