Every day I ssh in to 3 or 4 independent Unix accounts. I have been regarding them as more or less "equivalently secure" on the grounds that I'm using ssh, but after learning of how much variety there is out there in password-hashing schemes and their resistance against dictionary attacks I've become a lot more interested in learning the specific details for the systems I use.
I have found some too-brief summaries of what some OSs use by default (e.g., see here), but I'd like something more detailed. More importantly, I'm less interested in what various OSs do "out-of-the-box" than in what the specific systems I log in to do. Is there a standard way to find this information?
(I hope this question is not too naive. Yes, of course, a password cracker would also like to know the information I'm asking about, but my understanding is that no competently designed password-handling scheme hinges on its being secret. Therefore, I expect that the information I'm after should be readily available to the users of a system.)
Aucun commentaire:
Enregistrer un commentaire