On Sat, Aug 20, 2005 at 03:55:56PM +0200, Henning Makholm wrote: > > Do we have other ways to provide its functionality? I sometimes need > to log into my machine from net cafes, and even SSH1 is preferable to > telnet. :-/
Sure, run your SSH server listening to port 443, and use putty from a trusted source (if running on Windows platforms). That's guarantee to work even if they have a fascist proxy in place (if you configure Putty to use its proxy). The only caveat is that if you don't trust the system you are running in: a) a sniffer would capture your passwords, you can use public key authentication but then again a trojan could copy off the key and capture your password anyway. You might want to look into one time password authentication. b) a trojan could potentially use your SSH tunnel (once established) and inject commands in it. This can be done by replacing your putty binary either in place (in the disk) or in memory. I would seriously advise against running SSH session in possibly compromised systems. Even when preventing a) since b) is always possible. I have not seen such attacks/trojans widely just yet, however. Regards Javier
signature.asc
Description: Digital signature
