Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ARD passwords encrypted?

At 03:49 PM 5/10/2006, you wrote: 
Anyone know if/how ARD encrypts passwords?  I am curious, when you
connect to a client a password is sent, how does ARD send it?  Also
when running scripts as root or with sudo, a password must be exchanged.

From the ARD 2.2 Admin Guide (I can't find an ARD 3 guide...):
----------
Authentication to Apple Remote Desktop clients uses an authentication method which is based on a Diffie-Hellman Key agreement protocol that creates a shared 128-bit key. This shared key is used to encrypt both the name and password using the Advanced Encryption Standard (AES). The Diffie-Hellman Key agreement protocol used in ARD 2 is very similar to the Diffie-Hellman Key agreement protocol used in personal file sharing, with both of them using a 512-bit prime for the shared key calculation. With Remote Desktop 2, keystrokes and mouse events are encrypted when you control Mac OS X client computers. This information is encrypted using the Advanced Encryption Standard (AES) with the 128-bit shared key that was derived during authentication.

Warning: If you are using ARD to manage computers over public networks, consider using a virtual private network (VPN) solution to protect your information.
--------------------
I think it's odd that Apple thinks that a VPN is needed, despite the comm already being encrypted... if someone has ideas why I'd like to hear it.


_______________________________________________
Do not post admin requests to the list. They will be ignored.
Remote-desktop mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/remote-desktop/email@hidden

This email sent to email@hidden
References: 
 >ARD passwords encrypted? (From: Brad Schonhorst <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.