From owner-freebsd-hackers  Sat Dec  6 11:18:51 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id LAA07036
          for hackers-outgoing; Sat, 6 Dec 1997 11:18:51 -0800 (PST)
          (envelope-from owner-freebsd-hackers)
Received: from haldjas.folklore.ee (Haldjas.folklore.ee [193.40.6.121])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id LAA07028
          for <freebsd-hackers@FreeBSD.ORG>; Sat, 6 Dec 1997 11:18:47 -0800 (PST)
          (envelope-from narvi@Haldjas.folklore.ee)
Received: from haldjas.folklore.ee (haldjas.folklore.ee [172.17.2.1] (may be forged))
          by haldjas.folklore.ee (8.8.7/8.8.4) with SMTP
	  id VAA20728; Sat, 6 Dec 1997 21:17:58 +0200 (EET)
Date: Sat, 6 Dec 1997 21:17:58 +0200 (EET)
From: Narvi <narvi@Haldjas.folklore.ee>
To: Jacques Vidrine <nectar@NECTAR.COM>
cc: "David E. Cross" <dec@phoenix.its.rpi.edu>, freebsd-hackers@FreeBSD.ORG
Subject: Re: Telnet Root access
In-Reply-To: <Pine.BSF.3.96.971205232838.3763A-100000@kai.communique.net>
Message-ID: <Pine.BSF.3.96.971206211537.20055A-100000@haldjas.folklore.ee>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


On Fri, 5 Dec 1997, Jacques Vidrine wrote:

> 
> Actually, who knows if SSH is _really_ safe?  Have you checked with a
> packet sniffer to see if everything is really encrypted all the time?
> 
> Personally, I only use my computer from a serial console (they can sniff
> modern monitors too easily). Never even across phone lines.  Sometimes I 
> get nervous if I can't see the entire length of my serial cable!!
> 
> :-) :-)
> 

The parandoid are the paranoid. And why do you think snooping non-modern
monitors is harder?

> 
> Seriously it would be a boon to all if ssh was installed by default and
> you had to work to get telnetd running ... of course I know this won't
> happen.  If only there were several good, free Windoze ssh
> implementations.

Like it is illeagal to export ssh from the US? Like there is no free ssh
client for windows?
 
> Jacques Vidrine <n@nectar.com>
> 
> On Fri, 5 Dec 1997, David E. Cross wrote:
> > IMO: sending the root password plaintext over the network at any time is a
> > *NO*.  I *only* use ssh to connect as root (even when su-ing), and only
> > from a host I trust, and a binary I trust.  I have learned the hard way
> > not to compromise on neteork/system security.
> > 
> > --
> > David Cross
> > ACS Consultant
> 

	Sander

	There is no love, no good, no happiness and no future -
	all these are just illusions.