[cvsnt] Re: sspi vs. ssh ?!?

Tony Hoyle tmh at nodomain.org
Sat Nov 8 14:38:46 GMT 2003


On Sat, 08 Nov 2003 15:10:14 +0100, Ralf Steinhaeusser
<stralf at gmx.net> wrote:


>1.) Is there a way to use sspi with a "keyfile" or something similar
>instead of the login-password?
>(Our LAN-computers are behind a firewall, so our login-passwords tend
>to be dumb and short and I guess this makes them easy to crack)

Not really - NTLM encryption keys are only loosely derived from the
passwords.  You should probably have strong ones though because brute
force attacks are still possible (not really just a CVS problem - eg.
what happens if someone plugs a laptop into your LAN?  Things like
lohptcrack can find simple passwords in seconds).

Tony


More information about the cvsnt mailing list