-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I admin several servers for people and something came to my attention
that seemed important to the way I advise my clients/users on the
proper way of connecting to a sshd:

I have, in the past, told people to always use "ssh -C -c <ciphername>
-l <username> <hostname>" when connecting, but somebody pointed out
that is not really needed, because all ssh servers encrypt on all
connections as default, unless the admin forced it to do differently.
He is -very- adamant (sp?) about it, but I like to stand my ground on
this one :-)

The question is: Is my way (specifying arguments) any better than
just, say, executing "ssh <hostname>"? Should I inherently trust the
server, whether it may be FreSSH or OpenSSH or SSH(c)? What about
trojans (like a trojaned sshd on the server), any way to avoid
pitfalls for the client?

And yes, I know you can set up a dot file for ssh in the user's home
dir, I'm talking about general ssh'ing in to a server...


Thank you for your time,

Isaac Bentley
Virtuality Labs

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0.4
Comment: Isaac Bentley

iQA/AwUBO5V4G3J2Tc/LYfxAEQJRZACglw9a229ZWHeIOg85ew4zSjuE9qoAoM83
BxMYj8uF21udfSmDXwkNaTGV
=yvRv
-----END PGP SIGNATURE-----
