From owner-freebsd-questions@FreeBSD.ORG  Sat May 10 02:07:35 2003
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id F330337B401
	for <questions@freebsd.org>; Sat, 10 May 2003 02:07:34 -0700 (PDT)
Received: from lilzcluster.liwest.at (lilzclust02.liwest.at [212.33.55.12])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 82E3D43FE1
	for <questions@freebsd.org>; Sat, 10 May 2003 02:07:33 -0700 (PDT)
	(envelope-from dgw@liwest.at)
Received: from cm58-27.liwest.at by lilzcluster.liwest.at
	(8.10.2/1.1.2.11/08Jun01-1123AM)
	id h4A97IV0001349578; Sat, 10 May 2003 11:07:19 +0200 (MEST)
From: Daniela <dgw@liwest.at>
To: Kenneth Culver <culverk@yumyumyum.org>
Date: Sat, 10 May 2003 11:08:13 +0000
User-Agent: KMail/1.5.1
References: <20030509000921.P66401-100000@alpha.yumyumyum.org>
In-Reply-To: <20030509000921.P66401-100000@alpha.yumyumyum.org>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200305101108.13319.dgw@liwest.at>
cc: questions@freebsd.org
cc: Kirill Pisman <anyher@ngs.ru>
Subject: Re: Why is port 22 open by default?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 10 May 2003 09:07:35 -0000

On Friday 09 May 2003 04:10, Kenneth Culver wrote:
> > > D> I was just wondering:
> > > D> Is SSH really so secure that it can be on by default?
> > >
> > > D> I'm really paranoid, and I could sleep better if the answer was yes
> > > :-)
> > >
> > > if you *REALY* paranoid  you can  juct  switch  your computer  off :)
> > >
> > > if you are  fully trust  your local area network there is  no  reaseon
> > > to afraid (but passwords) , othervice there is  some  'pantom menace'
> > > that  ssh could  de cracked by someone  , who will dump all the
> > > connections to your  computer  all the  time
> >
> > Is there some way to prevent this?
>
> SSH is fairly secure, but there is no 100% secure remote access solution.
> That said, you should be fine with ssh enabled, I've had it enabled for
> ages without problems, just make sure you pick a good password.

Sounds like SSH is secure enough for me. Or is a 19 character password too 
short? :-)