Date: 05 Nov 2001 12:13:41 -0800 From: swear@blarg.net (Gary W. Swearingen) To: Ben Eisenbraun <bene@klatsch.org> Cc: questions@FreeBSD.ORG Subject: Re: Lockdown of FreeBSD machine directly on Net Message-ID: <2xd72x9dsa.72x@localhost.localdomain> In-Reply-To: <20011105043613.A90073@klatsch.org> References: <15330.23714.263323.466739@guru.mired.org> <00b501c1637b$1cd2f880$0a00000a@atkielski.com> <20011102095554.A38169@student.uu.se> <00d801c1637c$d3264640$0a00000a@atkielski.com> <20011102055416.B67495@klatsch.org> <8s668sdck9.68s@localhost.localdomain> <20011105043613.A90073@klatsch.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Ben Eisenbraun <bene@klatsch.org> writes: > As a general rule, I try to trust as little as possible. How long will > it be before some bright hacker discovers the next flaw in the ssh > protocol implementation? I was thinking that as soon as they break ssh, they won't just reduce your security to that of an unencrypted network, but to one in which they may easily sniff passwords. so that su-ers and sudo-ers need to trust ssh as much as root-ers do. Just a hunch; I really don't know. It probably depends on how ssh would be broken. > In any case, thanks for the question, Gary. It's always good to be asked > to examine my assumptions. And thanks for the research and answer. I'm happy to see that I've met all of your provisos (except I don't log). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2xd72x9dsa.72x>