On Wed, 11 Oct 2000, "Kevin D. Clark" <[EMAIL PROTECTED]> wrote:
> > I was hoping you guys would elaborate a bit on the distinction in benefits
> > between:
> >
> > 1) using ssh across the internet
>
> This is a no-brainer. You should assume that Descartes evil genie is
Indeed. I was asking for the distinction between 1 - 2, not the
absolute merit of 1 alone. (I, and I hope most others, hold that truth
as self-evident..)
> > 2) using ssh inside a firewalled work or home LAN
>
> Also, it would be unwise to assume that everybody who is behind your
> firewall isn't malicious. Heck, at a company I worked at in the past,
> we had a BOFH who, among other rude things, probably sniffed packets
> and caused much pain and suffering with the results. I deliberately
> used ssh to thwart him.
Nice application :-)
For the benefit of the list, I was wondering if the admins out there
who have made their LAN's more secure by removing rsh, rlogin (and
possibly telnetd and ftpd) and replacing these with ssh and scp, would
explain what additional steps are needed or should be done to make the
scheme successful.
My point is that in a workplace LAN with multiple users sharing
machines and resources there are typically more services availible
than in using ssh across the internet (e.g. between firewalls).
So saying "always use ssh" might not be enough (though it surely
helps some amount).
Possible loopholes that come to mind are:
- User's ~/.ssh/ contents exported via NFS
- Snooping passphrases via X11
- yppasswd data or pop/imap passwords easily sniffed to circumvent ssh
I understand the replacement rsh -> ssh is an incremental improvement
no matter where it is applied, but what (if any) additional steps/policies
do people feel are needed for it to work in an workplace environment?
Wasn't mclinux doing this? If so, how did it go?
> > I'd also be interested in your suggestions/experiences for ssh activity
> > automation i.e. via cron *w/o* passphrase. (which I believe was the
> > intention of the original post as well).
>
> Iff you can keep both hosts secure, the underlying network can be
> unsecure and you'll have no problems. Without public-key
> cryptography, you don't get that.
It is not clear to me whether you are advocating RhostsRSAAuthentication,
RSAAuthentication using no passphrase, something else, or it doesn't matter.
Karl
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
