On Thu, 2005-11-10 at 20:37 -1000, Randy Bush wrote:
btw, for another great giggle (many thanks to brian candler for reporting it)
From the documentation for Cisco's VPN client software for Linux: http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_user_guide_ch...
"User profiles [which contain all your IPSEC parameters: pre-shared key, username and password] reside in the /etc/CiscoSystemsVPNClient/Profiles/ directory. Leave the permissions for the Profiles folder set at drwxrwxrwx. Each profile in the Profiles folder should have the follwoing permissions: -rw-rw-rw-."
The password string is encrypted in the Profile, however, when you save it...
encrypted how? cyrpt? md5? cisco7? Some way proven to take 'very long' to decrypt? is the passwd really necessary or is only the hash required? this is just wholey irresponsible of any vendor, nevermind one that should really know better :(