On Sun, Mar 10, 2002 at 05:57:38PM -0500, Greg A. Woods wrote:

> I for one might want all my users to always use encryption all of the
> time.  

I don't see why this cannot be enforced in the ssh configuration.
In fact, I would want that anyway, to control what ciphers and what not
my users could activate.

> > The sourceforge crack done a few months ago was done despite the
> > encryption, so it's no garantee anyway.
> 
> Well, not exactly "despite the encryption" but rather more like
> "despite, and perhaps even because of the requirement to use SSH", but I
> see your point.

I think they said that had everyone originated from their own machine,
the crack wouldn't have happened.

When you hop, you put a lot of trust in the middleman.  I cannot remember
now if the perpetrator was staff at the middleman, or just a patient
snooper.  

> >  If you really want to be secure,
> > you never hop, you always start from a secured location.
> 
> Indeed.  I wonder how many people have (continued to) use an SSH client
> from a client host that had recently been infected with a virus or
> infested with a worm?  Obviously some have.

The host doesn't even need to be compromised that way.

You could have ssh ported to an OS that doesn't protect user's from one
another, staff at the host could be in on the deal, or some very patient
snooper could just be waiting for a suitable victim to screw up.


-- 
UNIX/Perl/C/Pizza__________________________________shannon@widomaker.com