[rancid] Re: unencrypted passwords in .cloginrc ...

William Yardley rancid at veggiechinese.net
Wed Nov 1 05:38:52 UTC 2006


On Thu, Oct 26, 2006 at 11:42:12PM +0200, Arnold Nipper wrote:
> On 26.10.2006 23:28 John Dworske wrote

> > Is there any way getting around using unencrypted passwords in the
> > .cloginrc file ?  My co-workers will not let me use rancid unless we
> > can come up with something more secure ?
> 
> "chmod 600 .cloginrc" is not secure enough?

I'm not exactly disagreeing with the sentiments expressed on the list,
but just to play devil's advocate.... for one thing, some businesses
have to deal with security checklists for various types of compliance,
and often there are cookie cutter requirements like "no passwords for X
type of device stored in cleartext". Now I think most people here would
probably agree that filling out a checklist isn't going to make a
network more or less secure, but the fact of the matter is that some
corporations care more concerned about saying that they checked that box
than about having actual security.

w




More information about the Rancid-discuss mailing list