Date: Sun, 14 Oct 2001 16:16:13 -0700 From: Sean Chittenden <sean@chittenden.org> To: Edwin Groothuis <edwin@mavetju.org> Cc: Marco Radzinschi <marco@radzinschi.com>, FreeBDS-Questions <freebsd-questions@freebsd.org> Subject: Re: How safe is SSH? Message-ID: <20011014161613.A17887@rand.tgd.net> In-Reply-To: <20011015075626.P2865@k7.mavetju.org>; from "edwin@mavetju.org" on Mon, Oct 15, 2001 at = 07:56:26AM References: <20011014031023.J44696-100000@mail.radzinschi.com> <20011015075626.P2865@k7.mavetju.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > I have my firewall blocking port 23 (telnet), but allowing port 22 > > (SSH) to go through. Now, this causes _SOME_ inconveniene when connecting > > from crappy windows machines without a SSH client on them. > > > > My question, then, is how strong is SSH? > > Is it worth the extra trouble to not allow telnet? > > It supports/gives you: > - an encrypted TCP session > - authentication of the remote host > - authentication of the user based on public/private key > - support for remote shell, remote copy and remote command > > So yes, the additional features are worth the trouble of installing > SSH in favour of telnet/rsh/rexec/rcmd. But it requires some > education (and change) of the users. You can also toss on kerberos and get encrypted telnet, rsh, rcmd, rexec, rcp commands... it takes more setup, but I've found them to be quite nice. Something to think about/consider. -sc -- Sean Chittenden To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011014161613.A17887>