home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
Columbia Kermit
/
kermit.zip
/
newsgroups
/
misc.19970104-19970326
/
000175_news@columbia.edu _Mon Feb 3 02:59:33 1997.msg
< prev
next >
Wrap
Internet Message Format
|
2020-01-01
|
4KB
Return-Path: <news@columbia.edu>
Received: from newsmaster.cc.columbia.edu (newsmaster.cc.columbia.edu [128.59.35.30])
by watsun.cc.columbia.edu (8.8.5/8.8.5) with ESMTP id CAA15040
for <kermit.misc@watsun.cc.columbia.edu>; Mon, 3 Feb 1997 02:59:32 -0500 (EST)
Received: (from news@localhost)
by newsmaster.cc.columbia.edu (8.8.5/8.8.5) id CAA14686
for kermit.misc@watsun; Mon, 3 Feb 1997 02:59:31 -0500 (EST)
Path: news.columbia.edu!sol.ctr.columbia.edu!news.indiana.edu!vixen.cso.uiuc.edu!news.sprintlink.net!news-peer.sprintlink.net!news-pull.sprintlink.net!news.sprintlink.net!news-pen-14.sprintlink.net!ratty.wolfe.net!news.aa.net!news.aa.net!croten
From: croten@big.aa.net (Charles Roten)
Newsgroups: comp.protocols.kermit.misc,alt.security,comp.os.ms-windows.nt.admin.security,comp.security,comp.security.unix
Subject: ssh (secure shell) with kermit ?
Date: 03 Feb 1997 02:37:57 GMT
Organization: Alternate Access Incorporated
Lines: 44
Message-ID: <CROTEN.97Feb2183757@big.aa.net>
NNTP-Posting-Host: big.aa.net
Xref: news.columbia.edu comp.protocols.kermit.misc:6524 alt.security:42881 comp.os.ms-windows.nt.admin.security:1701 comp.security.unix:36356
Is there some way ssh (secure shell), or some similar approach, may
be used to keep user IDs and passwords out of the hands of little
wretches who put sniffers on the Net ? Using kermit ?
As I am sure I do _not_ need to tell you, telnet sends the usename
and password over the net _in_ _the_ _clear_. Once Joe Cracker gets
his glommy little hands on the right packet, there's all Hell to pay,
and no pitch hot.
An outfit I interviewed with last week suffered a breakin by just
such a lowlife. He gained _root_ access. They shut down before much
had been compromised .. but the staff are _really_ unhappy. That
site is pretty well locked down. Nobody telnets or ftps out. Nobody
telnets or ftps in. That means nobody can dial in and get work done
from home. And none of the Statistics research folks can call up
the sites they need to talk to, to do what MathSoft is _paying_ them
to do. [ The aforementioned scumbag might _just_ _possibly_ receive
an all-expense-paid "vacation" as the guest of the State. Hopefully.
Couldn't happen to a nicer guy. ;^> ]
Secure shell should get the job done, from what I've read in it's
FAQ. But can it be run _securely_, from within _kermit_ .. either
MS-kermit or C-kermit ? Or, of course, from within Kermit-95 ?
Hopefully, fired up/configured from some startup script that folks
who aren't "systems types" could just _run_ without having to tinker
with ?
Oh, and BTW .. are there any caveats I need to be aware of in regard
to Tatu Ylonen's ssh version .. modulo the licensing bit, which the
ssh FAQ (version of 19 August '96) told me about ? Any Windows- or
NT- or Lose95-specific gotchas ?? Sorry to proclaim my ignorance
about M$ OS's in front of all and sundry .. just reluctant to learn
about a GULAG from the inside. ;^>
Thanks in advance.
--
croten@aa.net (Charles D. Roten) | Pursuant to US Code, Title 47,
| Chapter 5, Subchapter II, 227, any
A few Linux tools and fixes, and a | and all nonsolicited commercial E-mail
plethora of links to NT ports | sent to this address is subject to
of standard GNU/UNIX tools | a download and archival fee in the
may be found at my homepage: | amount of $500 US. E-mailing denotes
http://www.aa.net/~croten | acceptance of these terms.