Discussions
Categories
- 17.9K All Categories
- 3.3K Industry Applications
- 3.2K Intelligent Advisor
- 59 Insurance
- 534.2K On-Premises Infrastructure
- 137.6K Analytics Software
- 38.5K Application Development Software
- 5.3K Cloud Platform
- 109.1K Database Software
- 17.5K Enterprise Manager
- 8.8K Hardware
- 70.8K Infrastructure Software
- 105.1K Integration
- 41.5K Security Software
DDNS: Is there a way to setup separate passphrases for each host?
Is there a way to setup separate passphrases for each host? When I use ddclient, as outlined here: https://help.dyn.com/ddclient/ , it seems as though the only way for each host to check in is with the same username and password. I notice that those same values control access to the web portal at Dyn. This seems like a security flaw. Is there a way to get a separate passphrase for each host on the account? If so, how is this done?
Thanks in advance.
Answers
-
With DynDNS Pro there is no way to have a separate password for each host, but you can use the Client Updater Key instead of the account password for DDNS updates.
In case you want to offer such hostnames to your customers, then this is the wrong unintended purpose for this service. This is not recommended. The service is for own use only, and therefore your security concerns do not really apply.
-
If a host running an updater client were compromised, and the username and password for the account was stored on that host, then how would a customer's account be protected from abuse?
-
Neither does a host run an updater client, nor are credentials stored on a host. How are customer accounts been protected from abuse? They are protected by your credentials, and it is up to you how strong your credentials are. If something is compromised, then your credentials were too weak.
Why do you ask such questions? What is your scenario which is so insecure and weak?
-
As Rot had shared, Remote Access services were intended for personal use, not businesses who support clients. As such they do not allow for multiple user log ins. You can choose to generate an updater key which would be used in place of the password for the account, however if you generate a key all devices associated with the account will require you to reenter the newly generated key.
The alternate is to create a unique user account for your client and purchase a service pack to be used on only their devices.
Mike
Oracle + Dyn