Way OT: SSH worries
John Rudd
jrudd at UCSC.EDU
Wed Aug 18 00:16:38 IST 2004
William Burns wrote:
>
> John:
>
> Maybe I'm confused?
> Do we have the same point?
Not the same point, but I think we were talking at cross purposes.
> John Rudd wrote:
>
> >William Burns wrote:
> >>
> >>Following the "do no harm" philosophy, I use telnet to access a program
> >>that puts an *additional* level of security in front of sshd.
> >>
> >or OpenSSH, which uses OpenSSL code.
> >
>
> I *dont* want to use stunnel to shield OpenSSH(d) from a worm, exactly
> because they're in the same risk category.
Ah, I see what you're saying. I thought you were using the telnet
solution as a general protection, which is why I was saying "you should
protect that stream with some form of encryption" (thus stunnel). If
you're just using that method as a means of keeping random worms and
port scanners from finding sshd, then that makes a lot more sense (and
it also makes sense as to why you wouldn't want to use stunnel on it).
Sorry if I missed something that explained that aspect of the process up
front.
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
More information about the MailScanner
mailing list