From owner-freebsd-questions@FreeBSD.ORG Wed Sep 20 17:04:06 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4165816A403 for ; Wed, 20 Sep 2006 17:04:06 +0000 (UTC) (envelope-from backyard1454-bsd@yahoo.com) Received: from web83114.mail.mud.yahoo.com (web83114.mail.mud.yahoo.com [216.252.101.43]) by mx1.FreeBSD.org (Postfix) with SMTP id 0FC8243D88 for ; Wed, 20 Sep 2006 17:03:41 +0000 (GMT) (envelope-from backyard1454-bsd@yahoo.com) Received: (qmail 92692 invoked by uid 60001); 20 Sep 2006 17:03:41 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Reply-To:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=Bt999eFVbwGm50C05Gf45EN/ixGnJTqhRbGguo7hd99ZDXC80tJbcJoDGXbpHD/bRTNeGN8ewSXsgmAM8Iwfls1FUbQdUaE9sBngVUELm2XxreU7FBJoXQgm/3KuMUNR6HGjKfrephqb1rjnNQyTIa6vwo5wZBUXTSZtL6gxM0Q= ; Message-ID: <20060920170341.92690.qmail@web83114.mail.mud.yahoo.com> Received: from [63.240.228.37] by web83114.mail.mud.yahoo.com via HTTP; Wed, 20 Sep 2006 10:03:41 PDT Date: Wed, 20 Sep 2006 10:03:41 -0700 (PDT) From: backyard To: "Dan Mahoney, System Admin" , backyard In-Reply-To: <20060919183404.H68018@prime.gushi.org> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: questions@freebsd.org Subject: Re: sshd brute force attempts? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: backyard1454-bsd@yahoo.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Sep 2006 17:04:06 -0000 --- "Dan Mahoney, System Admin" wrote: > On Tue, 19 Sep 2006, backyard wrote: > > > In reality using passwords with SSH kinda defeats > the > > purpose of SSH. > > Keeping passwords from being sent across the network > as cleartext? > > -Dan ssh will encrypt them of course but... the nosey snoop watching over your shoulder can see the keys you type, or the tricky guy that has installed a STDIN monitor hack, or enabling debugging of the console by mistake and having it appear in the syslogs. Using keys means you never have to use a password, other then locking the key. The key should always have a different password from the login. Using keys is the point of SSH so you can eliminate passworded logins making sure no one sees them at all. -brian > > -- > > "Of course she's gonna be upset! You're dealing > with a woman here Dan, > what the hell's wrong with you?" > > -S. Kennedy, 11/11/01 >