14 Apr
2021
14 Apr
'21
4:17 a.m.
login with usernames & passwords, which should
never go over the wire in plain text.
It may be possible to provide access behind a firewall to source IPs within the 44
address ranges…
A traditional solution to this kind of problem is to generate one-time passwords.
For example, see https://man.netbsd.org/skey.1
This arrangement ought to be compatible with rules that forbid encryption because the
password goes over the wire in plain.
It is safe because once the password has gone over the wire, it is useless to anyone who
has heard it.
Given motivation, it should not be difficult to integrate something like this.
VE0HAK