Know anything about SSH

MrKnisely mrknisely at mrknisely.is-a-geek.org
Mon Aug 22 23:10:17 UTC 2005


Jonathan McLoughlin wrote:

>OK,
>Troubleshooting and configuring a Blackberry SSH client to connect
>back to a workstation, the last stumbling block was with my
>/etc/ssh/sshd_config; I needed to change
>
>
># Change to yes to enable tunnelled clear text passwords
>PasswordAuthentication yes
>
>
>
>from 'no' to 'yes'
>and voilà!!!, sweet java SSH client for blackberry (MidpSSH being the
>open-source client if anyone is interested)
>
>Can anyone expand on the verbose description of this flag and suggest
>any additional security risks that this may cause?
>
>  
>
All it is allowing is a simple user/password method of authentication 
instead of the Public/Private keypair.

It does allow others to guess user/pass authentication.  Also, if you 
use your POP or IMAP user/pass on the same box, it is possible that 
someone could sniff those passwords and have access to your box.

I can tell you that I am rather security conscious, but I run all of my 
ssh daemons this way.  If you choose to as well, make sure you use 
strong passwords, and don't use protocols that will transmit your 
user/pass combination in clear text (telnet, pop, imap, ftp, etc).

Hope this helps!

MrKnisely
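
Added example, not part of the original thread: a small audit of the global section of an sshd_config that reports whether password logins are effectively enabled and which accounts that exposes. The function names and the sample file are constructed for illustration; the defaults are those of current OpenSSH releases, and `Match` blocks are deliberately ignored.

```python
# Constructed sample config, not taken from the original post.
SAMPLE_CONFIG = """\
Port 22
# Change to yes to enable tunnelled clear text passwords
PasswordAuthentication yes
PermitRootLogin yes
# A later duplicate is ignored: sshd keeps the first value it reads.
passwordauthentication no
Match User backup
    PasswordAuthentication no
"""

# Values sshd falls back to when a keyword is absent (current OpenSSH defaults).
DEFAULTS = {"passwordauthentication": "yes", "permitrootlogin": "prohibit-password"}


def effective_settings(text):
    """Return the global keyword -> value map the way sshd resolves it."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()  # keywords are case-insensitive
        if key == "match":
            break  # assumption: conditional blocks are out of scope for this audit
        settings.setdefault(key, value)  # first occurrence wins
    return {**DEFAULTS, **settings}


def audit(text):
    """List the password-guessing exposures found in the global section."""
    cfg = effective_settings(text)
    findings = []
    if cfg["passwordauthentication"].lower() != "yes":
        return findings  # key-only logins: nothing to guess
    findings.append("PasswordAuthentication yes: account passwords can be guessed remotely")
    if cfg["permitrootlogin"].lower() == "yes":
        findings.append("PermitRootLogin yes: the root password is guessable as well")
    if "allowusers" not in cfg and "allowgroups" not in cfg:
        findings.append("no AllowUsers/AllowGroups: every account with a password is exposed")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print("WARN", finding)
```
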




More information about the ubuntu-users mailing list