Linux-Hams archive - August 1998: Re: Password Security

Re: Password Security

Hamish Moffatt (cngruflq.fwvmc@mx.dy.fi)
Sat, 15 Aug 1998 01:47:44 +1000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mike Bilow: "Password Security"
Previous message: Ronnie Hale: "Re: ax25ipd config question"

On Fri, Aug 14, 1998 at 02:48:25PM +0300, Tomi Manninen wrote:
> > How is this any better than telnet?
>
> Using .rhosts or .shosts means you don't have to use any passwords. Just
> like in rlogin. If you set up rlogin with /etc/hosts.equiv or .rhosts
> file anyone can still fake your ip address but SSH always gives you RSA
> based _host_ authentication so this is more secure than rlogin (just make
> sure that rlogin, rsh & co. are disabled in inetd.conf). And of
> course better than telnet because there is no password to be sent in
> the clear.
>
> Anyway I use the RSA based user authentication option which I think is the
> best thing to do. With compression enabled it's almost usable over packet
> radio...

Even better, ssh allows RSA-based user authentication too.
Generate your local keys with ssh-keygen, and transfer your public key
to the other end on some secure channel. Then you can be authenticated
by keys alone. This is even more secure than .shosts is.

Hamish

-- 
Hamish Moffatt, StudIEAust              nsb.dbxw@rele.tunk.net, aemuwy@stenaline.com
Student, computer science & computer systems engineering.    4th year, RMIT.
http://hamish.home.ml.org/ (PGP key here)             CPOM: [*******   ] 71%
Get a stable, reliable &  upgradable operating system free at www.debian.org

Next message: Mike Bilow: "Password Security"
Previous message: Ronnie Hale: "Re: ax25ipd config question"