Dont want to use plain text password in yum.conf
location: linuxexchange.com - date: January 1, 1970
So when it comes to hiding behind proxies in RHEL machines, there are a lot of proxy authentication errors I face. Even though I have used cntlm (cntlm.conf) to use proxies, using YUM to install any package considers /etc/yum.conf. The problem here is, that I have to use my plain text password, which I want to avoid. Is there any option so that I can encrypt the proxy_pass that I am providing in /etc/yum.conf ??
Sample yum.conf file:
In the above file, I want a encrypted password instead of plain text.
SSH: When logging in, is the password in plain text / sniffable? [closed]
location: linuxexchange.com - date: July 5, 2011
I realise this question is subjective.
I am curious about the intelligability of an SSH password when an SSH tunnel is created. Does the secure session begin once the password has authenticated, or is the password itself encapsulated in this secure connection?
After an interesting debate in the office this morning, and aside of the possibility of an SSH password becoming compromised on a client with a keylogger, I am curious as to the possibility that an SSH password could also become compromised using packet sniffing tools on the LAN, or installed on any proxy between the Client and the Server. It's opened up a wider debate about the wisdoms of logging into private services (like a home NAS, or email) via an SSH tunnel whilst logged onto a client operating behind a/several intermediate proxy/ies. (ie, at work), especially with claims that tools such as Ettercap are capable of spying into SSH packets.
I assume that the same considerations could be made of SSL/HTTPS where a website d
How can we store password other than plain text?
location: linuxexchange.com - date: April 18, 2010
I've found numerous posts on stackoverflow on how to store user passwords. However, I need to know what is the best way to store a password that my application needs to communicate with another application via the web? Currently, our web app needs to transmit data to a remote website. To upload the data, our web app reads the password from a text file and creates the header with payloads and submits via https.
This password in plain text on the file system is the issue. Is there any way to store the password more securely?
This is a linux os and the application is written in python and is not compiled.
There are no users involved in this process at all. The password stored in the file system is used by the other web app to authenticate the web app that is making the request. To put it in the words of a commenter below:
"In this case, the application is the client to another remote application." (Thanks Joe for helping me clarify.)
Obscuring network proxy password in plain text files on Linux/UNIXlikes
location: linuxexchange.com - date: August 24, 2008
Typically in a large network a computer needs to operate behind an authenticated proxy - any connections to the outside world require a username/password which is often the password a user uses to log into email, workstation etc.
This means having to put the network password in the apt.conf file as well as typically the http_proxy, ftp_proxy and https_proxy environment variables defined in ~/.profile
I realise that with apt.conf that you could set chmod 600 (which it isn't by default on Ubuntu/Debian!) but on our system there are people who need root priveleges .
I also realise that it is technically impossible to secure a password from someone who has root access, however I was wondering if there was a way of obscuring the password to prevent accidental discovery. Windows operates with users as admins yet somehow stores network passwords (probably stored deep in the registry obscured in some way) so that in typical use you won't stumble across it in plain text
I only ask since the
[SOLVED] Dual boot slackware fedora 20 dont want to use grub
location: linuxquestions.com - date: August 6, 2014
Hello everyone. I have a bit of a problem, and being the slacker that I am , I would like to resolve this problem with the least amount of effort!
So I have installed fedora over my Windows 8 install on one of my hard disks because Windows 8 decided to take a shit on me one day, big surprise! I've been using Slackware everyday for the last year or so and I almost forgot what a crash was, but good old Windows reminded me.
Anyways, I installed grub to the MBR it boots fedora 20 just fine if I select the drive from the bios selection screen. I tried adding it to lilo by simply modifying the Windows entry I had there to reflect the new Fedora install and it failed to work, or lilo would not run. So then I created an fstab entry for the fedora install and mounted the partition and pointed lilo to the kernel image and initrd file and it starts to boot then gives nasty error and halts the system.
I have also now just copied the fedora kernel and initrd into my slackware boot folde
Doom 95 on Ubuntu (i dont want prboom)
location: linuxquestions.com - date: August 25, 2007
I want to download the original doom for ubuntu so i can play with my friends in deathmatch
i would like a good version and how to install it thanks
force ssh to use key AND password
location: linuxquestions.com - date: May 5, 2009
Is there anyway I can force ssh connections to require a known key and a user password before allowing successful login?
Does ubuntu use salts in Password Hashing?
location: ubuntuforums.com - date: July 28, 2009
I recently got into rainbow tables and the like and cracked several windows computers in an average of under 5 minutes. Now im curious as to the extent you can use rainbow tables to crack. I started reading and i read about the use of salts in hashing the password. Does ubuntu use a salt when making a password hash? Cause i would feel a hell of a lot safer if it did lol
also to what extent can you use rainbnow tables to crack things? is it ONLY for hashed passwords?
Why I donít want a laptop that can run Linux
location: ubuntuforums.com - date: June 4, 2007
what do you people think? too "pretentious"?...
upgrade failed, want to copy text from terminal and paste into chrome browser
location: ubuntuforums.com - date: May 24, 2013
Chromium browser is installed and is horrible, messes up email, I hate it.
Cannot install firefox, failed to retrieve some packages.
tried update and clean commands and trying various commands, but cannot even copy the error messages and search the internet for solutions. tried ctrl shift c and ctrl insert, shift insert.
I just want to use a common clipboard between terminal and other applications. Actually, so does everybody else. That's the whole point of a clipboard.
you see Ubuntu was nagging me to upgrade, so I click upgrade and it failed and left system unbootable, crashes in the first ten seconds.
then I tried to boot Mint from an external hard drive, but it started booting and then changed it's mind and continued booting from the xbmclive cd!?? Believe it or not it booted the XBMCBUNTU live distro but required Mint login credentials! That's linux security in action, an accidental hijacking.
So I re-boot live CD XBMCBUNTU and click install and then select upgrade as
Page: 1 2 3 4 5 6 7 8 9 10