Another reason not to use sudo?
Hudson Delbert J Contr 61 CS/SCBN
Delbert.Hudson at LOSANGELES.AF.MIL
Mon Nov 22 15:52:37 UTC 2004
actually, in recent versions from ssh.com's site,
encryption levels or not using same is configurable
via cipher selection.
the default cipher IS SET to one of the IETF Draft references
below such as:
AES256=best
AES192=better
AES128=good
3DES=okay
Blowfish=okay (see OPenBSD)
Twofish=weak
Arcfour=weak
CAST=weak
DES=weak
NONE=duh....
disabling encrytion is strongly discouraged and should be used
for testing only and also indicates a severe need for psychiatric
attention.
you could also install binary ssh w/out being root.
one could also start sshd as your non-root user, no sudo or su involved,
supplying the -p option to bind to high numbered port [+1024]
connect from another system with ssh -p. This will only allow connections
to your own account, and sshd will, as a rule, not be restarted when your
machine reboots.
the installer is the one who determines the scope of ssh's power by
who and how it is installed.
but yes ssh out of the box will IS ENCRYPTED.
You decide to what level.
~piranha
-----Original Message-----
From: ubuntu-users-bounces at lists.ubuntu.com
[mailto:ubuntu-users-bounces at lists.ubuntu.com]On Behalf Of Colin Watson
Sent: Monday, November 22, 2004 7:20 AM
To: Ubuntu List
Subject: Re: Another reason not to use sudo?
On Mon, Nov 22, 2004 at 01:41:15PM +0000, Ben Edwards wrote:
> So ssh NEVER sends any unencrypted dater (apart from maybe the host
> and username you are connecting to.
>
> Interesting - was original password not being encrypted an issue in
> older versions of ssh?
Not to my knowledge, ever. This would have been a fatal flaw, defeating
the entire purpose of ssh.
--
Colin Watson [cjwatson at canonical.com]
--
ubuntu-users mailing list
ubuntu-users at lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/ms-tnef
Size: 3600 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20041122/f24ce98e/attachment.bin>
More information about the ubuntu-users
mailing list