Date: Sat, 6 Dec 1997 21:17:58 +0200 (EET) From: Narvi <narvi@Haldjas.folklore.ee> To: Jacques Vidrine <nectar@NECTAR.COM> Cc: "David E. Cross" <dec@phoenix.its.rpi.edu>, freebsd-hackers@FreeBSD.ORG Subject: Re: Telnet Root access Message-ID: <Pine.BSF.3.96.971206211537.20055A-100000@haldjas.folklore.ee> In-Reply-To: <Pine.BSF.3.96.971205232838.3763A-100000@kai.communique.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 5 Dec 1997, Jacques Vidrine wrote: > > Actually, who knows if SSH is _really_ safe? Have you checked with a > packet sniffer to see if everything is really encrypted all the time? > > Personally, I only use my computer from a serial console (they can sniff > modern monitors too easily). Never even across phone lines. Sometimes I > get nervous if I can't see the entire length of my serial cable!! > > :-) :-) > The parandoid are the paranoid. And why do you think snooping non-modern monitors is harder? > > Seriously it would be a boon to all if ssh was installed by default and > you had to work to get telnetd running ... of course I know this won't > happen. If only there were several good, free Windoze ssh > implementations. Like it is illeagal to export ssh from the US? Like there is no free ssh client for windows? > Jacques Vidrine <n@nectar.com> > > On Fri, 5 Dec 1997, David E. Cross wrote: > > IMO: sending the root password plaintext over the network at any time is a > > *NO*. I *only* use ssh to connect as root (even when su-ing), and only > > from a host I trust, and a binary I trust. I have learned the hard way > > not to compromise on neteork/system security. > > > > -- > > David Cross > > ACS Consultant > Sander There is no love, no good, no happiness and no future - all these are just illusions.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971206211537.20055A-100000>