Re: Is there any way...

Sergei Viznyuk (
Thu, 26 Feb 1998 22:53:28 -0500

-----Original Message-----
From: David Schwartz <>
To: <>
Cc: Sergei Viznyuk <>;
Date: Thursday, February 26, 1998 8:24 PM
Subject: Re: Is there any way...

>>On Tue, 24 Feb 1998, David Schwartz wrote:
>>> >I want a very simple thing: to be able to
>>> >encrypt AND DECRYPT password.
>>> You don't mean that. If everyone else can decrypt my password, why
>>> encrypt it? Perhaps you mean that they can _validate_ my password?
>>Perhaps he wants to do password storage, ala windows dialup networking.
> If that were the case, he'd only want the password's owner to be able
>decrypt it. He has to clarify his requirements and what he's trying to do
>order for us to figure out what he wants. I invite the original author to
>email me more details of exactly what he's trying to do and I'll be happy
>mail him back a summary of different encryption technologies and how they
>could be used to meet his requirements.

Hi !

I'm the original author of this thread.
Here is the actual problem I'm trying to resolve:

The Time Warner RoadRunner cable service client
for Linux (rrclientd-1.3.tar.gz)
uses Kerberos protocol and Kerberos utilities
"kinit", "kdestroy", etc for authentication.
To do so automatically it stores the
_unencrypted password in /etc/rrpasswd file.
I think it sucks to use Kerberos while having
unencrypted password written down on your hard drive.
Sort of post office with tanks..

So I would like to be able to have _encrypted password
in /etc/rrpasswd while at the same time have only the
real owner be able to decrypt it and pass to "kinit",
providing the source code of all utilities is public.

This poses kind of a puzzle since encryption and
subsequent decryption of the password requires
some "secret string" which only owner of the password
may know, but storing this "secret string" anywhere
defeats the purpose..

I posted my question on linux-kernel list because
I thought to use some "internal" kernel global variable
as a "secret" providing there is such variable which is
unique for each user and unknown to other users.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to