Bugtraq mailing list archives
Re: brute force
From: juphoff () tarsier cv nrao edu (Jeff Uphoff)
Date: Wed, 5 Jun 1996 17:03:53 -0400
"CK" == Christopher Klaus <cklaus () iss net> writes: CK> Telnetd,rexecd,rshd,rlogind should all be turned off and replaced with CK> a tool like ssh. But even ssh can be bruteforced, it is just a LOT more CK> time consuming since it only allows 1 try per connection and there is CK> quite a bit of time consumed generating the random keys for transferring. And it's even harder if you run sshd in this mode (in /etc/sshd_config): RhostsAuthentication no RhostsRSAAuthentication no RSAAuthentication yes PasswordAuthentication no No passwords (not even for a fallback)--only already-locally-known keys can get you in. Makes for pretty tough cracking, especially if you protect those keys with nice long pass-phrases and never type them over a network or into a non-secured xterm, etc.... --Up. -- Jeff Uphoff - systems/network admin. | juphoff () nrao edu National Radio Astronomy Observatory | juphoff () bofh org uk Charlottesville, VA, USA | jeff.uphoff () linux org PGP key available at: http://www.cv.nrao.edu/~juphoff/
Current thread:
- Re: brute force Jeff Uphoff (Jun 05)
- <Possible follow-ups>
- Re: brute force Marc Mosko/jfrank/us (Jun 06)