RE: File transfer using ssh
One point: All the Windows scp clients I've tried so far are password based,
and my server allows only RSA key access, so they don't work.
As soon as I got ssh working reliably, I turned off passwords, and
de-un-selected telnet and ftp servers entirely. So ssh -l root is just as
safe as any other way to get into the machine.
The sshd_config file, however, has "root" account disabled.
I guess I'm not entirely a "sheep", ne?
Curt-
-----Original Message-----
From: Sam Couter [mailto:sam@topic.com.au]
Sent: Thursday, August 23, 2001 17:13
To: debian-security@lists.debian.org
Subject: Re: File transfer using ssh
Philipp Schulte <pschulte@uni-duisburg.de> wrote:
>
> You should never be too lazy to log in as a user and su to root.
su to root: 8 character password.
ssh directly as root: 1024 bit RSA key.
Which one is easiest to crack?
I don't allow telnet logins as root, but I'm quite happy to allow RSA
authenticated root logins with SSH.
Plus, su doesn't forward X connections.
--
Sam Couter | Internet Engineer | http://www.topic.com.au/
sam@topic.com.au | tSA Consulting |
OpenPGP key ID: DE89C75C, available on key servers
OpenPGP fingerprint: A46B 9BB5 3148 7BEA 1F05 5BD5 8530 03AE DE89 C75C
Reply to: