Re: [LI] POP mail security

[Manoj Victor Mathew <mvm@xxxxxxxxxxxxxxx>]

On Thu, Jan 06, 2000 at 02:42:01PM +0530, Tusar wrote:
> Tusar>What is the best way to protect my users passwords from being sniffed?
> Tusar>Can a user use an encrypted tunnel to send the userid and password to
> Tusar>the pop server?
> This I use .. but for that u need to have an shell account on the server
> and should be running sshd .. 
> 
> defaults 
> user tusarp is tusar
> no rewrite 
> poll localhost with protocol pop3 and port 11110: 
> preconnect "ssh -C -f tusar@server -L 11110:servername:110 sleep 5"
>        password mypassword
> 

How about using APOP instead of POP3? Is that not secure enough?


-- 
Do you support 'free software'?  Visit http://mvm.linuxbox.com
Visit the ILUG-Cochin home page at http://www.netshooter.com/ilug-cochin

Manoj Victor Mathew  (GPG#: 3D96A9B9)
Cochin, India.
--------------------------------------------------------------------
The Linux India Mailing List Archives are now available.  Please search
the archive at http://lists.linux-india.org/ before posting your question
to avoid repetition and save bandwidth.