Is ssh not safe?
Edwin Dicker
edwin at dicker.nl
Sat Jul 24 18:04:01 UTC 2004
----- Original Message -----
From: "Michael Sullivan" <michael at espersunited.com>
To: <fedora-list at redhat.com>
Sent: Saturday, 24 July, 2004 19:37
Subject: Is ssh not safe?
> I've been following the "Hack Attempts" thread and I've come to the
> conclusion that having my router route port 22 requests through to my
> server PC is not safe. Here's my situation. I use my server PC for web
> hosting and email. Most of my users access their accounts from outside
> the router (my network is based in my apartment and my wife and I are
> the only ones who use it here.) I don't users telnetting in because of
> the security risk (I don't quite understand this, but I've read about it
> in more than one place, so it's probably true), so I've enabled ssh so
> that they can log in and change their passwords if need be. They upload
> their web pages through FTP, supplying their username and password.
> Spammers try to use the mail server every day - I have to read about it
> in my daily Logwatch, but I don't think they ever succeed. I should
> probably keep a closer eye on the logs. Is there a way for users to
> change their passwords through their FTP clients? Or is there a safer
> way to allow them to change their passwords?
I think SSH is safe enough with its encryption.( Of course everything can
eventually be cracked ) The main reason you should not use telnet over the
internet is that its passwords are sent over UN-excrypted and therefor
easier to capture by anyone who is able to access the network with a
sniffer.
Reading the logs is something a good system administrator really should do
every day and take action where neccessary.
Users cannot change their passwords with the ftp client as far as I know,
but you could set a timeframe for them to have to change their password
every 12 weeks e.g.
Edwin
More information about the fedora-list
mailing list