Subject: Re: sshd config?
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Mahmoud Chilali <firstname.lastname@example.org>
Date: 12/01/2003 00:21:09
der Mouse wrote:
> Me too. I'm perfectly content with requiring explicit reconfiguration
> to make it available (such as Ciphers and MACs in sshd_config). But I
> think it is unreasonable to protect admins against themselves to the
> extent of removing it entirely.
Besides, trying to protect people against themselves has always resulted
in things getting worst, because people always find unusual ways to get
> NetBSD tries to keep people from shooting themselves in the foot by
> mistake. But I think it is wrong to keep the guns locked away entirely
> because people might shoot themselves in the foot.
If only there were docs about how it works and why we should trust it...
> I don't think this is true. If it is, the protocol is grossly
> misdesigned, because everything the sniffer gains, the peer server has
> access to even with real encryption, and I think we will all agree that
> the client should _never_ reveal to _anyone_ enough information to
> compromise a private key.
fully agreed. If using a null crypto ssh breaks my future encrypted
sessions, then ssh would be broken. I doubt it is so, but I have no proof:)
Back to the subject, from a user perspective:
- There is no point in controlling me:)
- If I have to use ssh when I feel ok for encryption and rlogin when I
feel trust, then I go for rlogin only (+ssl or ipsec if really needed).
Now all this stuff is about some man in the middle. How can a man be in
the middle when all men are extremist?