Re: Is ssh not safe?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, 24 Jul 2004, Michael Sullivan wrote:

I've been following the "Hack Attempts" thread and I've come to the
conclusion that having my router route port 22 requests through to my
server PC is not safe.  Here's my situation.  I use my server PC for web
hosting and email.  Most of my users access their accounts from outside
the router (my network is based in my apartment and my wife and I are
the only ones who use it here.)  I don't users telnetting in because of
the security risk (I don't quite understand this, but I've read about it
in more than one place, so it's probably true), so I've enabled ssh so
that they can log in and change their passwords if need be.  They upload
their web pages through FTP, supplying their username and password.

ftp also uses clear text passwords. The point of using ssh is to get the passwords and the data out if the clear and into an encrypted channel (just securing some services and not other isn't really enough).


Spammers try to use the mail server every day - I have to read about it
in my daily Logwatch, but I don't think they ever succeed.  I should
probably keep a closer eye on the logs.  Is there a way for users to
change their passwords through their FTP clients?  Or is there a safer
way to allow them to change their passwords?


-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list


--
-------------------------------------------------------------------------- Joel Jaeggli Unix Consulting joelja@xxxxxxxxxxxxxxxxxxxx GPG Key Fingerprint: 5C6E 0104 BAF0 40B0 5BD3 C38B F000 35AB B67F 56B2




[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux