Functionality
David Terrell
dbt at meat.net
Fri Apr 27 11:41:04 EST 2001
On Fri, Apr 27, 2001 at 11:30:08AM +1000, carl at bl.echidna.id.au wrote:
> > As we all know, disabling remote root logins as a security measure is an
> > old policy from the days before strong authentication methods. As pointed
> > out above, there *are* other issues, but they also have other solutions.
> > These days, normal login followed by su is less secure than allowing a
> > direct root login.
> >
> > ssh -l user host
> > su
> > <root password exposed to traffic analysis>
>
> Erm ... traffic analysis? Where?
>
> Ssh is encrypted.
>
Nothing earth shattering:
http://www.openwall.com/advisories/OW-003-ssh-traffic-analysis.txt
Guess the lengths of your passwords maybe.
--
David Terrell | "The reasons for my decision to quit were myriad, but
Nebcorp PM | central to the decision was the realization that there are
dbt at meat.net | two kinds of companies: Good ones ask you to think for
wwn.nebcorp.com | them. The others tell you to think like them." -Benjy Feen
More information about the openssh-unix-dev
mailing list