I've not seen anyone drop SSH and go back to Telnet.
If you (sometimes) don't check SSH fingerprints, and you still believe SSH has value, then can you reasonably argue that something like ESessions doesn't?
- Ian
AFAIK almost nobody checks the fingerprints when using SSH. Also, IMHO,
SSH is more vulnerable than ESessions because people are more likely to
check a SAS than a fingerprint, and because SSH is typically negotiated
over an unencrypted Internet connection whereas ESessions should pass
over TLS c2s and s2s.
- [Security] Aunt Tillie, Joe User, and appropriate levels... Peter Saint-Andre
- Re: [Security] Aunt Tillie, Joe User, and appropria... Brendan Taylor
- Re: [Security] Aunt Tillie, Joe User, and appro... Peter Saint-Andre
- Re: [Security] Aunt Tillie, Joe User, and appropria... Greg Hudson
- [Security] Re: Aunt Tillie, Joe User, and appropria... Peter Saint-Andre
- Re: [Security] Aunt Tillie, Joe User, and appropria... Ian Paterson
- Re: [Security] Aunt Tillie, Joe User, and appropria... Ian Paterson
- Re: [Security] Aunt Tillie, Joe User, and appro... Greg Hudson
- Re: [Security] Aunt Tillie, Joe User, and appro... Peter Saint-Andre
