[RADIATOR] Password/certificate security seems next to none on Radiator server
Nadav Hod
nadav.hod at comm-it.co.il
Thu Oct 1 08:36:55 CDT 2015
Hi Nick,
Specific hardware for securing files on your server shouldn't be necessary for the use cases I'm suggesting. I've just integrated Radiator for the first time and I was shocked that for each NAS I had to keep the password in plaintext.
Radiator is installed on servers worldwide whether physical or VM, I believe that each of them (regardless of hardware) should be provided with at least the same security as NPS which knows how to accept user passwords in plaintext and then obfuscate them (whether encrypted, hashed or otherwise).
A solution can be integrated via software, and my suggestions use perl and openssl to secure sensitive information. Therefore only integration is necessary without new environments.
________________________________________
From: Nick Lowe [nick.lowe at lugatech.com]
Sent: Thursday, October 01, 2015 4:23 PM
To: Nadav Hod
Cc: radiator at open.com.au
Subject: Re: [RADIATOR] Password/certificate security seems next to none on Radiator server
If you wanted robust protection here, you would likely want to go down
the route of a TPM or equivalent.
Nick
More information about the radiator
mailing list