[ previous ] [ next ] [ threads ]
 
 From:  Christoph hanle <christoph dot hanle at leinpfad dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] feature request (hidden and encrypted passwords/pre-sharde keys)
 Date:  Thu, 21 Apr 2005 20:33:49 +0200
Neil A. Hillard schrieb:
>>i think it is no good solution, that in the webgui and the config.xml
>>the passwords for ppoe etc. and the pre-shared-key are always in
>>cleartype visible; the admin password is hidden or encrypted
>>respectively. Imho is this a big problem with the security.
> Try:
> 
> http://www.m0n0.ch/wall/docbook/faq-plaintextpass.html
> 

Thx, i have overlooked this part, but i think it might be possible to
encrypt/decrypt these passwords for example against the admin-password.
And in the web-gui you can use the "hidden" tag.
but i still think, this is a big security hole, that should be fixed.
bye
Christoph