From owner-freebsd-security Sun Jan 23 17:30:22 2000
Delivered-To: freebsd-security@freebsd.org
Received: from nsm.htp.org (nsm.htp.org [202.241.243.104]) by hub.freebsd.org (Postfix) with SMTP id 61B4614CE0 for ; Sun, 23 Jan 2000 17:30:00 -0800 (PST) (envelope-from sen_ml@eccosys.com)
Received: (qmail 25972 invoked from network); 24 Jan 2000 01:28:36 -0000
Received: from localhost (127.0.0.1) by localhost with SMTP; 24 Jan 2000 01:28:36 -0000
To: freebsd-security@FreeBSD.ORG
Subject: Re: ssh-feature 'backdoor'
From: sen_ml@eccosys.com
In-Reply-To: <20000123210421.A90963@server.nostromo.in-berlin.de>
References: <20000119155203.C8404@is.co.za> <20000120002132R.1000@eccosys.com> <20000123210421.A90963@server.nostromo.in-berlin.de>
X-Mailer: Mew version 1.94.1 on Emacs 20.5 / Mule 4.0 (HANANOEN)
X-No-Archive: Yes
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20000124103034W.1000@eccosys.com>
Date: Mon, 24 Jan 2000 10:30:34 +0900
X-Dispatcher: imput version 990905(IM130)
Lines: 34
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

ripley> Quoting sen_ml@eccosys.com (sen_ml@eccosys.com):
> if you su, don't you have to type in the root password? even if the
> session is encrypted, the password still goes over the wire. if you
> use rsa key authentication you don't have that particular risk (though
> you may have others).

ripley> There are alternatives to su which don't need the user to have the
ripley> root password.

then perhaps those can provide viable alternatives. (btw, do you have any personal recommendations?)

at least for the current discussion i was under the impression that su was mentioned explicitly :-)

ripley> Besides (assuming encrypted connections) it's not so much a
ripley> matter about the password being transferred over the wire

i think this concern is a subject of individual perspective. party a may not care, but party b may.

as you can tell, i'm one of those people that is bothered by the password going over the wire, even if in encrypted form. i like things like challenge-and-response authentication and srp.

ripley> but whether the user has to know it at all. If he doesn't even
ripley> have it, it can't be compromised by the user...

isn't the situation similar w/ using rsa authentication and logging in as root (i prefer this set up)? you have to be able to decrypt a certain secret key. if the user can't decrypt some secret key, the user shouldn't be able to get root that way. am i missing an important difference here?
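The disagreement in the message above is about what the far end of an encrypted session gets to see: with `su` the reusable root password itself arrives at the server, whereas with challenge-response (or key-based) authentication only a one-time answer does. The following simulation is an added illustration, not code from the thread or from FreeBSD or ssh. It models the two flows over a channel whose decrypted contents are recorded (what a compromised server, or anyone holding the session key, would recover), and checks what leaks in each case and whether a captured answer can be replayed. It uses an HMAC shared-secret challenge-response as the concrete scheme, which is the "challenge-and-response" the author mentions rather than ssh's RSA authentication; unlike a public key, the verifier here must hold the same secret as the client, which is the caveat the public-key variant avoids. All names and the sample password are invented for the example.

```python
import hmac
import hashlib
import secrets

# A transcript is a list of (sender, payload) tuples as seen *inside* the
# encrypted channel: exactly the bytes the peer endpoint receives, and what
# anyone able to decrypt the session would recover. Constructed for the
# example; not an ssh or su wire format.


def password_auth(client_password: bytes, server_password: bytes, transcript: list) -> bool:
    """Plain password login, which is what typing the root password to su
    over an ssh session amounts to: the reusable secret crosses the wire."""
    transcript.append(("client", b"PASS " + client_password))
    ok = hmac.compare_digest(client_password, server_password)
    transcript.append(("server", b"OK" if ok else b"FAIL"))
    return ok


def _response(secret: bytes, challenge: bytes) -> bytes:
    # The one-time answer: HMAC-SHA256 of the server's fresh nonce under the
    # shared secret. The secret itself never appears in the response.
    return hmac.new(secret, challenge, hashlib.sha256).digest()


def challenge_response_auth(client_secret: bytes, server_secret: bytes,
                            transcript: list, canned_response: bytes = None) -> bool:
    """Shared-secret challenge-response. The server sends a fresh random
    challenge and the client returns HMAC(secret, challenge). If
    `canned_response` is given it is sent instead of a freshly computed one,
    which models an attacker replaying a reply captured from another session."""
    challenge = secrets.token_bytes(16)
    transcript.append(("server", b"CHAL " + challenge))
    if canned_response is None:
        response = _response(client_secret, challenge)
    else:
        response = canned_response
    transcript.append(("client", b"RESP " + response))
    ok = hmac.compare_digest(response, _response(server_secret, challenge))
    transcript.append(("server", b"OK" if ok else b"FAIL"))
    return ok


def secret_in_transcript(transcript: list, secret: bytes) -> bool:
    """Did the long-term secret itself cross the channel?"""
    return any(secret in payload for _, payload in transcript)


def captured_response(transcript: list) -> bytes:
    """Pull the client's RESP payload out of a recorded session."""
    for sender, payload in transcript:
        if sender == "client" and payload.startswith(b"RESP "):
            return payload[len(b"RESP "):]
    raise ValueError("no response in transcript")


def replay_attack(secret: bytes) -> bool:
    """Record one legitimate challenge-response session, then replay the
    captured answer in a new session. Returns True only if the replay worked;
    with a fresh 16-byte challenge per session it should not."""
    legit = []
    if not challenge_response_auth(secret, secret, legit):
        raise RuntimeError("legitimate session unexpectedly failed")
    stolen = captured_response(legit)
    # The attacker has no secret (b"") and just resends the stolen reply.
    return challenge_response_auth(b"", secret, [], canned_response=stolen)


if __name__ == "__main__":
    pw = b"hunter2"  # constructed sample root password
    t1 = []
    password_auth(pw, pw, t1)
    print("password auth leaks secret to far end:", secret_in_transcript(t1, pw))
    t2 = []
    challenge_response_auth(pw, pw, t2)
    print("challenge-response leaks secret to far end:", secret_in_transcript(t2, pw))
    print("replay of captured response succeeds:", replay_attack(pw))
```

Run it and the password flow reports the secret in the channel contents while the challenge-response flow does not, and the replayed answer fails because the second session carries a different challenge.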