[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] RE: telnet vs ssh

Subject: Re: [cobalt-users] RE: telnet vs ssh
From: "David B. Peterson" <dave@xxxxxxxxxxx>
Date: Fri Dec 17 13:28:54 1999

Do you mean the "sshd1 allows unencrypted sessions regardless ofserver policy" thread?

That's one, I think there was another too. Someone who must berunning servers for banks over there because he said he would neverput up an ssh1 server now that ssh2 is out, regardless of whichversion his client connections were.

It's still a lot better than telnet <smile>. And as David Schwartz'post of December 14th points out, a server cannot protect youagainst a client compromise.
Not easily, I add.

It's a hell of a lot better than telnet. And it is much better ifyou turn off all non-encrypted authentication on the box (ftp too.)scp seems to be working for me.

Of course it is best of you power off the machine, encase it inconcrete, place it in a locked room in the bowels of a nuclear wastefacility. But that seems to be going a little too far.

The tin man wanted a heart. The scarecrow wanted a brain. I'dsettle for enough time to follow bugtraq <smile>.

I try to only give it about 10 minutes a day. Just enough to keep upwith exploits on the software that I use.


-Dave

--
  David B. Peterson    Metagraphics, Inc.
1023 Corporation Way, Palo Alto, CA  94303
  650-964-4600 x225    FAX: 650-964-9575

Follow-Ups:
- Re: [cobalt-users] RE: telnet vs ssh
  - From: Jeff Lasman

References:
- Re: [cobalt-users] RE: telnet vs ssh
  - From: Jeff Lasman

Prev by Date: Re: [cobalt-users] smtp not working properly.
Next by Date: [cobalt-users] Log Help on Qube2
Previous by thread: Re: [cobalt-users] RE: telnet vs ssh
Next by thread: Re: [cobalt-users] RE: telnet vs ssh

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index