I do not get ssh. Why is it more secure?
in [General Linux]
|
Prev: How to convert TrueType fonts to bitmapped fonts in Ubuntu
Next: I do not get ssh. Why is it more secure?
From: Maxwell Lol on 17 Jun 2010 21:12 The Natural Philosopher <tnp(a)invalid.invalid> writes: > Its only mire secure if you think your link can and will be > eavesdropped: In practice this is extremely unlikely. Just try using telnet in a wifi hotspot, when someone is running KISMET. Or loging into a web server without using HTTPS.
From: Maxwell Lol on 17 Jun 2010 21:16 >>> In short its probably an outdated tool that introduces (some) security >>> that you probably dont need anyway, and has attributes you probably wont >>> use either. So https is outdated? >> Note also that with telnet, you have to type in the user name and >> password - making it a real pain for any sort of automation. With >> ssh, you can use password-less public key authentication. >> > > Thus making it less secure to anyone who happens on - say - your > machine, with you already logged in. If you leave your computer unlocked, then telnet is not secure either.
From: Maxwell Lol on 17 Jun 2010 21:19 The Natural Philosopher <tnp(a)invalid.invalid> writes: > POne cant assume enything to be true, BUT its very very hard tpo > eavesdrop conversations between specific endpoints even with NSA level > kit. Unless one is using telnet, in which case it's trivial for the ISP to eavesdrop.
From: Maxwell Lol on 17 Jun 2010 21:21 > Clearly they have no clue about REAL security, but are just [parroting > technobabble for the sake of it. The irony! The irony!
From: Maxwell Lol on 17 Jun 2010 21:29
The Natural Philosopher <tnp(a)invalid.invalid> writes: >> With telnet, anybody watching packets going over our network can see >> your password in the clear. >> > > That's precisely nobody in any modern network. Wifi hotspots are great places to sniff for passwords. Script kiddies can launch kismet from the backtrace distro, and capture them all day long. |