> > > Hence the One-Time Password suggestion. Either way, better to have/use > > > SSH than use telnet/ftp/r{login,sh,exec}. > > > > I have both SSL-Telnet and SSH installed. I don't type root passwords over > > clear connections unless it is an emergency. > > Hmm - why is it that emergencies always happen when I'm away from > Cambridge? ;(
Well, one Debian user seems to have had a break-in. However, the break-in wasn't due to any Debian security hole. The break-in was due to standard/known UN*X security holes. For example, allowing incoming telnets is one (typing clear text passwords over the net). -Ossama