A good overview of telnet vs ssh can be found at
http://securityportal.com/cover/coverstory20000814.html
-----Original Message-----
From: Brian J. Dyrehauge [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, August 30, 2000 6:53 AM
To: [EMAIL PROTECTED]
Subject: Telnet vs SSH
Hi there,
I want the following setup:
Internet
Firewall
Webserver
Firewall
Intranet
What I need, is to be able to logon to the Webserver from
the Intranet, using userid/password on the webserver, and that has to be
encrypted in the DMZ, as hackers easily can sniff from the DMZ (if you
disagree then please tell me why).
To logon to the webserver, one could use telnet, but that is
not encrypted.
There's one could also use SSH, but all that I know about
SSH is that where I worked before, root used it to gain root-access to all
other machines, using the '.rhosts'-file, without needing to supply a new
userid/password to the other machines. That's pretty bad as well, I think.
Now my question is, is it possible to use SSH and still
require supplying userid/password to the Webserver?
If not, then what would you suggest?
Yours sincerely,
Brian J. Dyrehauge
Newbie IT Security Consultant
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
