From owner-freebsd-hackers  Fri Dec 22 16:36: 1 2000
From owner-freebsd-hackers@FreeBSD.ORG  Fri Dec 22 16:36:00 2000
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from fw.wintelcom.net (ns1.wintelcom.net [209.1.153.20])
	by hub.freebsd.org (Postfix) with ESMTP id B4E1537B400
	for <freebsd-hackers@FreeBSD.ORG>; Fri, 22 Dec 2000 16:35:59 -0800 (PST)
Received: (from bright@localhost)
	by fw.wintelcom.net (8.10.0/8.10.0) id eBN0Zs427958;
	Fri, 22 Dec 2000 16:35:54 -0800 (PST)
Date: Fri, 22 Dec 2000 16:35:54 -0800
From: Alfred Perlstein <bright@wintelcom.net>
To: Dan Langille <dan@langille.org>
Cc: David Preece <davep@afterswish.com>, freebsd-hackers@FreeBSD.ORG
Subject: Re: ssh - are you nuts?!?
Message-ID: <20001222163554.Q19572@fw.wintelcom.net>
References: <200012222337.PAA20885@spammie.svbug.com> <5.0.0.25.1.20001223132307.01b00b70@pop3.i4free.co.nz> <200012230032.NAA13382@ducky.nz.freebsd.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <200012230032.NAA13382@ducky.nz.freebsd.org>; from dan@langille.org on Sat, Dec 23, 2000 at 01:32:36PM +1300
Sender: bright@fw.wintelcom.net
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

* Dan Langille <dan@langille.org> [001222 16:33] wrote:
> On 23 Dec 2000, at 13:25, David Preece wrote:
> 
> > At 15:37 22/12/00 -0800, you wrote:
> > 
> > >The question asked is: why you believe ssh is beter
> > >than say telnet. Or what advantages SSH has in general.
> > 
> > Sorry, don't have time to reply to this properly.
> > 
> > The main evil of ssh is that server authentication is not enforced, making 
> > mounting a man-in-the-middle attack basically trivial.
> 
> It is possible.  It is not trivial.

No, it's practically impossible when correct precautions are
taken.

-- 
-Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org]
"I have the heart of a child; I keep it in a jar on my desk."


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message