Subject: Re: FreSSH
To: NetBSD-current Discussion List <current-users@netbsd.org>
From: Greg A. Woods <woods@weird.com>
List: current-users
Date: 03/09/2002 12:04:43
[ On Saturday, March 9, 2002 at 11:31:41 (-0500), Charles Shannon Hendrix wrote: ]
> Subject: Re: FreSSH
>
> On Fri, Mar 08, 2002 at 02:46:18AM -0500, Michael G. Schabert wrote:
> >
> > Hehe, turn off encryption??
> >
> > "alias ssh telnet"
>
> No... encryption of packets, not the password handshake to establish
> the connection.
But that's the whole point. You may as well put your password in the
clear on the wire if you don't use strong crypto for the entire
connection. If someone can see your password as it flies by then they
can almost certainly hijack your connection. If they can actually get
right in the middle of your connection then they can proxy your
connection, doing things as you, and only showing you what you think you
should see. You can't have it half-way and expect it still to be
secure because it won't be.
--
Greg A. Woods
+1 416 218-0098; <gwoods@acm.org>; <g.a.woods@ieee.org>; <woods@robohack.ca>
Planix, Inc. <woods@planix.com>; VE3TCP; Secrets of the Weird <woods@weird.com>