[H-GEN] How safe is SSH on the internet?

Sun Jun 29 21:29:07 EDT 2003

[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Christopher Biggs wrote:
| Heed Mark's suggestion to prohibit SSH v1 (allowing only v2), also
| consider using RSA or DSA authentication instead of passwords, or even
| S-key.

Yeah, I'll bump it up to running SSH v2 only, that'll be fine.  However,
I may be wanting to SSH into the webserver from multiple machines,
especially from university -- where the machines are imaged regularly.

	I could set up a set of keys on my USB hard drive (which has Cygwin
installed), but otherwise, I'm edgey about having to rely solely on SSH
keys for authentication as it means trying to install them onto a miriad
of different clients.

| Oh, and make sure all the rlogin legacy stuff is turned off.

Yes, I might use this over the LAN, but not on the internet.  I indend
to keep rsh, rlogin & friends well out of reach of the outside world.

Thanks for the assistance so far.
- --
+-------------------------------------------------------------+
| Stuart Longland           stuartl at longlandclan.hopto.org |
| Brisbane Mesh Node: 719             http://stuartl.cjb.net/ |
| I haven't lost my mind - it's backed up on a tape somewhere |
| Griffith Student No:           Course: Bachelor/IT (Nathan) |
+-------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+/5JjIGJk7gLSDPcRAqTcAKCA3hNiEpq3sbrZqGH6TT5xkuLP+QCfcVo2
aJiHRHolOXonWzB/sGUDnfU=
=YqKU
-----END PGP SIGNATURE-----

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/