BIND 10 #2716: password in ~/.bind10/default_user.csv is cleartext
BIND 10 Development
do-not-reply at isc.org
Sun Feb 17 11:16:39 UTC 2013
#2716: password in ~/.bind10/default_user.csv is cleartext
-------------------------------------+-------------------------------------
Reporter: cas | Owner:
Type: defect | Status: new
Priority: medium | Milestone: Next-
Component: Unclassified | Sprint-Proposed
Keywords: | Resolution:
Sensitive: 0 | CVSS Scoring:
Sub-Project: DNS | Defect Severity: N/A
Estimated Difficulty: 0 | Feature Depending on Ticket:
Total Hours: 0 | Add Hours to Ticket: 0
| Internal?: 0
-------------------------------------+-------------------------------------
Comment (by cas):
I think the role model for this kind of authentication is SSH
public/private key authentication. Instead of using passwords, have the
user generate a key pair. Store the public part on the server, store the
private part on the client machine.
--
Ticket URL: <https://bind10.isc.org/ticket/2716#comment:4>
BIND 10 Development <http://bind10.isc.org>
BIND 10 Development
More information about the bind10-tickets
mailing list