Writing the developer mailing list about this seriously messed up default right now.......
WOW, this is a major issue. Not because it's SSH, but because it's the MOST
INSECURE SSH setup I've ever seen. Just tested scanning my local area network
running a Trisquel box. It runs on a default port with password based
authentication (no KEYS!). What this means essentially is any script kiddie
in the world can run a dictionary attack against all your local user accounts
and gain remote access to your files.
- [Trisquel-users] SSH Server Enabled ... apf
- Re: [Trisquel-users] SSH Server... antiesnob
- Re: [Trisquel-users] SSH Se... mampir
- Re: [Trisquel-users] SS... antiesnob
- Re: [Trisquel-users] SSH Se... apf
- Re: [Trisquel-users] SS... antiesnob
- Re: [Trisquel-users... shiretoko
- Re: [Trisquel-... antiesnob
- Re: [Trisquel-users] SSH Server... dooleyn
- Re: [Trisquel-users] SSH Server... shiretoko
- Re: [Trisquel-users] SSH Server... gaming4jc2
- [Trisquel-users] Re : SSH S... magicbanana
- Re: [Trisquel-users] SS... mikko . viinamaki
- Re: [Trisquel-users] SSH Se... apf
- Re: [Trisquel-users] SSH Se... antiesnob
- Re: [Trisquel-users] SSH Se... antiesnob
- Re: [Trisquel-users] SSH Server... gaming4jc2
- Re: [Trisquel-users] SSH Se... retro
- Re: [Trisquel-users] SSH Se... antiesnob
- Re: [Trisquel-users] SSH Se... bm-2cwce5abrzcyn1hzwsb33z4btaxgamtogq
- Re: [Trisquel-users] SS... mikko . viinamaki
