[Gllug] SFTP Server
Tethys
tet at accucard.com
Wed Apr 9 11:55:46 UTC 2003
Doug Winter writes:
>> The "Secure" in "Secure Shell" really means "probably secure if it's=20
>> managed, used and maintained correctly".
>
>Like every other use of the word "Secure" :)
Actually, in this case, SSH is still somewhat secure, no matter how
poorly managed and maintained it is. No amount of incompetence will
let you set it up so that it sends passwords in plain text over the
network, and that was the original motivation for developing it.
Of course it's not really "secure" in the sense that it's still
possible to configure it poorly which can give access to those you
may not have intended to let in. You can set up password/phrase-less
authentication, for example, and even remote root login using rhost
authentication, and like most other authentication systems, it's
vulnerable to social engineering, etc.
Tet
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list