Way OT: SSH worries
John Rudd
jrudd at UCSC.EDU
Tue Aug 17 05:25:41 IST 2004
<x-flowed>
On Aug 16, 2004, at 5:15 PM, William Burns wrote:
> I wrote a script to turn sshd on+off that gets called by inetd.
> I telnet to a specific port, type in a "pass-phrase", and my sshd
> starts
>
> Now, unless someone finds a TELNET vulnerability, I'm pretty safe.
>
You mean like breaking into your ISP's routers and sniffing your
traffic, so that I see your pass-phrase going across the 'net in the
clear?
Probably better to use stunnel on the server side, and open-ssl's
"sclient" feature (or ssl-telnet) on the client side, so that your
pass-phrase for starting/stopping SSL is at least protected a little.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
</x-flowed>
More information about the MailScanner
mailing list