gabriel rosenkoetter on Mon, 1 Jul 2002 12:50:24 +0200
On Sun, Jun 30, 2002 at 11:35:21PM -0400, Paul wrote:
> Is it possible that someone could spoof your server's address, making it
> seem like you're connecting to your server with ssh while you are
> actually sending your root password to the bad guy's server?

IP address spoofing, yes. SSH private key spoofing, no, unless the
server's security is already compromised.

(One would need the *private* key of the host in question in order to
encrypt packets containing an IV to its public key and send them to
you, which is what sshd does to state its key to you. If this fails,
you'll get the "Warning, host key changed" message.)

> People on list gave me a hard time about running my home system as root.
> (There was also an issue with the mailing list because my user account
> didn't match my email address.) Since then I've been using a regular
> user account. It's good for forming a good security habit.

There's a huge difference between logging in as root all the time (on
the console or remotely) and being *able* to connect as root when the
time is right.

--
gabriel rosenkoetter
gr@eclipsed.net
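Added example, not part of the original message: a Python sketch of the client-side check behind the host key warning discussed above, comparing the key a server offers with the one pinned in known_hosts. It handles plain and hashed host names only (no wildcards, certificates or revocations); the host names and key blobs are constructed stand-ins, and the function names are this example's own.

```python
import base64
import hashlib
import hmac

def fingerprint(key_b64):
    """SHA256 fingerprint of a base64 key blob, in the form current OpenSSH prints."""
    digest = hashlib.sha256(base64.b64decode(key_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def host_matches(pattern, host):
    """Match a known_hosts host field: comma list, or hashed |1|salt|hmac."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, mac_b64 = pattern.split("|")
        mac = hmac.new(base64.b64decode(salt_b64), host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(mac, base64.b64decode(mac_b64))
    return host in pattern.split(",")

def check_host_key(known_hosts_text, host, key_type, offered_b64):
    """Return 'match', 'changed' or 'unknown' for the key a server offered."""
    pinned_other_key = False
    for line in known_hosts_text.splitlines():
        fields = line.split()
        # Skip blanks, comments and @cert-authority/@revoked lines (not handled here).
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        pattern, pinned_type, pinned_b64 = fields[:3]
        if pinned_type != key_type or not host_matches(pattern, host):
            continue
        if pinned_b64 == offered_b64:
            return "match"
        pinned_other_key = True
    # 'changed' is the case in which ssh prints its host key warning.
    return "changed" if pinned_other_key else "unknown"

def blob(label):
    """Constructed stand-in for a key blob; not a real SSH public key."""
    return base64.b64encode(label).decode()

# Constructed sample data: one plain entry and one hashed entry.
PINNED = blob(b"constructed-host-key-A")
IMPOSTOR = blob(b"constructed-host-key-B")
SALT = b"constructed-salt-20b"
HASHED = "|1|%s|%s" % (blob(SALT), blob(hmac.new(SALT, b"192.0.2.10", hashlib.sha1).digest()))
KNOWN_HOSTS = "# constructed sample\nserver.example.org ssh-ed25519 %s\n%s ssh-ed25519 %s\n" % (
    PINNED, HASHED, PINNED)

if __name__ == "__main__":
    for key in (PINNED, IMPOSTOR):
        print(check_host_key(KNOWN_HOSTS, "server.example.org", "ssh-ed25519", key),
              fingerprint(key))
```

A server reached at a spoofed address that cannot present the pinned key lands in the "changed" branch; "unknown" is the first-contact case, where the fingerprint has to be verified out of band before it is trusted.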