Re: ssh security

From: Dick Hoogendijk (dick_at_nagual.st)
Date: 03/18/05

  • Next message: Erik Trulsson: "Re: Make buildworld and UPDATING"
    Date: Fri, 18 Mar 2005 16:12:53 +0100
    To: freebsd-questions <freebsd-questions@freebsd.org>
    
    

    On 18 Mar Bart Silverstrim wrote:
    >
    > On Mar 18, 2005, at 6:23 AM, Dick Hoogendijk wrote:
    >
    > >I log in from a remote windows computer on my school using PuTTY w/
    > >ssh2. What I'd like to know is how *safe* is the login from this
    > >windows machine?
    > >I would like to be able to login to my home computer without being
    > >worried about some sneaky system operator at work (school) ;-)
    >
    > The SSH session, I believe, should be secure from sniffing (assuming
    > you're using protocol 2).
    >
    > If someone puts a keystroke logger on your windows machine, they will
    > get the password.
    >
    > If they put a hardware logger on your computer, they will get the data.
    >
    > If they are watching over your shoulder just as you misstype your
    > password as your username, you're probably in trouble.
    >
    > If someone is viewing your Windows desktop using remote monitoring
    > software (like a modified VNC), they'll see your session.
    >
    > If putty is trojaned, you're in trouble.
    >
    > If you're *really* paranoid about the connection, grab knoppix and use
    > it's ssh client to log in remotely.

    OK, thank you and all others who responded so quickly. This summary is
    very clear. I changed all passwords right when I came back home ;-)
    Assuming bad news has not yet happened..

    Maybe I'm paranoid but I'll go for knoppix next time. It's the safest
    way to go as I understand now.

    -- 
    dick -- http://nagual.st/ -- PGP/GnuPG key: F86289CE
    ++ Running FreeBSD 4.11 ++ FreeBSD 5.3
    + Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja
    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
    

  • Next message: Erik Trulsson: "Re: Make buildworld and UPDATING"

    Relevant Pages