Full Disclosure mailing list archives

Re: Re: IRCXpro 1.0 - Clear local and default remote admin passwords


From: "Pablo Sol" <pablo_sole () myp net ar>
Date: Wed, 4 Jun 2003 15:19:12 -0300

Many programs need a private key for encryption.  Possession of this key is usually part if not all of the decision 
for authentication.  

The only relatively safe way of maintaining this key on disk is to encrypt it and require a decryption password from 
the user when starting the process.  

Unfortunately, system admins have a beef with servers that restart and require an operator to input a password to get 
the services up, especially in production environments.  

An example of this is when you run an https server with a signed cert and non-empty passphrase. You need to put in the key 
every time you restart the service.

IMHO, a solution could be some kind of hard-key (EEPROM connected to the parallel port).

pablo.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
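
The trade-off discussed in this message, as an added example that is not part of the original post: a server key stored encrypted on disk loads only when the passphrase is supplied at start, so an unattended restart cannot bring the service up. It assumes the `openssl` command-line tool is installed; the passphrase, function names and file names are constructed for the demo.

```shell
#!/bin/sh
# Added example: passphrase-protected private key at rest vs. unattended restart.
# DEMO_PASS, the function names and server.key are constructed for this demo.

DEMO_PASS='constructed-demo-passphrase'

# Create an RSA key encrypted at rest with AES-256 (PKCS#8); prints the key path.
make_encrypted_key() {
    dir=$(mktemp -d) || return 1
    openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-256-cbc -pass "pass:$DEMO_PASS" \
        -out "$dir/server.key" 2>/dev/null || return 1
    chmod 600 "$dir/server.key"
    printf '%s\n' "$dir/server.key"
}

# Succeeds if the PEM header marks the key as stored encrypted.
is_encrypted_at_rest() {
    grep -q 'ENCRYPTED' "$1"
}

# Simulate a service start: try to load the key with the given passphrase.
# stdin is /dev/null, as in an unattended restart, and -passin keeps
# openssl from trying to prompt an operator.
load_key() {
    openssl pkey -in "$1" -passin "pass:$2" -noout </dev/null 2>/dev/null
}

# Stand-alone run: show both sides of the trade-off.
key=$(make_encrypted_key) || exit 1
is_encrypted_at_rest "$key" && echo "key is encrypted on disk"
load_key "$key" "$DEMO_PASS" && echo "operator supplies passphrase: key loads"
load_key "$key" "" || echo "unattended start, no passphrase: key does not load"
rm -rf "$(dirname "$key")"
```

Putting the passphrase in a start script or config file so that `load_key` succeeds unattended brings back the original problem: the secret is again readable on the same disk as the key.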

