Is ssh not safe?

[Edwin Dicker]

----- Original Message ----- 
From: "Michael Sullivan" <michael at espersunited.com>
To: <fedora-list at redhat.com>
Sent: Saturday, 24 July, 2004 19:37
Subject: Is ssh not safe?


> I've been following the "Hack Attempts" thread and I've come to the
> conclusion that having my router route port 22 requests through to my
> server PC is not safe.  Here's my situation.  I use my server PC for web
> hosting and email.  Most of my users access their accounts from outside
> the router (my network is based in my apartment and my wife and I are
> the only ones who use it here.)  I don't users telnetting in because of
> the security risk (I don't quite understand this, but I've read about it
> in more than one place, so it's probably true), so I've enabled ssh so
> that they can log in and change their passwords if need be.  They upload
> their web pages through FTP, supplying their username and password.
> Spammers try to use the mail server every day - I have to read about it
> in my daily Logwatch, but I don't think they ever succeed.  I should
> probably keep a closer eye on the logs.  Is there a way for users to
> change their passwords through their FTP clients?  Or is there a safer
> way to allow them to change their passwords?

I think SSH is safe enough with its encryption.( Of course everything can
eventually be cracked ) The main reason you should not use telnet over the
internet is that its passwords are sent over UN-excrypted and therefor
easier to capture by anyone who is able to access the network with a
sniffer.
Reading the logs is something a good system administrator really should do
every day and take action where neccessary.

Users cannot change their passwords with the ftp client as far as I know,
but you could set a timeframe for them to have to change their password
every 12 weeks e.g.

Edwin