Security Basics mailing list archives

Re: Is SSH worth it??


From: Devdas Bhagat <dvb () users sourceforge net>
Date: Thu, 17 Oct 2002 00:21:46 +0530

On 15/10/02 14:39 -0400, Chris Santerre wrote:
> You know I always wondered about this method. su - has you input a password.
> So if a sysadmin is on a cable modem at home, logs in as normal user w/ ssh,
> then does an su - and enters password, how is that any different? You are
> being sniffed on the cable network. Keep in mind you can now sniff SSH
> packets. So how could this be more secure? So wouldn't a hacker now have
> both the first user pass and the su - ?

Because the network traffic in a ssh connection is strongly encrypted
(it's Secure Shell), the cracker will have to do some rather powerful
decryption to get the password. There was a bug in OpenSSH that would
allow the specific encrypted text to be picked off the network (timing
issues, password characters were sent as single bytes), but that has
been fixed a long time back.
Try sniffing ssh encrypted traffic.

Oh, and by using keys, your password never crosses the network at all.

Plus, sudo is a lot more useful in such cases. You can grant relatively
granular access using sudo, without having to divulge the root password.

Hmmmm, given that a large part of admin requires editing of files, 
$sudo vim
:!sh
#

is an easy way to get a root shell without ever using the root
password.

Devdas Bhagat
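
Added example, not part of the original message: a simplified Python audit of sudoers rules that flags grants like the `sudo vim` case above, where a program with a built-in shell escape may run without the `NOEXEC` tag. The program list, the sample policy and the name `risky_grants` are assumptions made for illustration; the parser ignores aliases, includes and line continuations.

```python
import os
import re

# Assumption: illustrative, non-exhaustive list of programs with a built-in shell escape.
ESCAPE_CAPABLE = {"vi", "vim", "view", "less", "more", "man", "ed", "emacs"}

# Constructed sample policy, not taken from any real system.
SAMPLE_SUDOERS = """\
Defaults env_reset
alice   ALL = /usr/bin/vim
bob     ALL = (root) NOPASSWD: /usr/bin/less /var/log/messages, /sbin/reboot
carol   ALL = NOEXEC: /usr/bin/vim /etc/hosts
dave    ALL = sudoedit /etc/hosts
erin    ALL = NOEXEC: /usr/bin/less, EXEC: /usr/bin/vi
"""

SKIP = ("#", "Defaults", "User_Alias", "Runas_Alias", "Host_Alias", "Cmnd_Alias")
RUNAS = re.compile(r"^\([^)]*\)\s*")   # optional "(root)" run-as spec
TAG = re.compile(r"^([A-Z_]+):\s*")    # tags such as NOPASSWD: or NOEXEC:


def risky_grants(sudoers_text):
    """Return (user, command) pairs where an escape-capable program may exec."""
    findings = []
    for line in sudoers_text.splitlines():
        line = line.strip()
        if not line or "=" not in line or line.startswith(SKIP):
            continue
        who, cmnds = line.split("=", 1)
        user = who.split()[0]
        noexec = False  # NOEXEC/EXEC carry over to later commands in the list
        for cmnd in cmnds.split(","):
            cmnd = RUNAS.sub("", cmnd.strip())
            while (m := TAG.match(cmnd)):
                if m.group(1) in ("NOEXEC", "EXEC"):
                    noexec = m.group(1) == "NOEXEC"
                cmnd = cmnd[m.end():]
            if not cmnd:
                continue
            program = os.path.basename(cmnd.split()[0])
            if program in ESCAPE_CAPABLE and not noexec:
                findings.append((user, cmnd))
    return findings


if __name__ == "__main__":
    for user, cmnd in risky_grants(SAMPLE_SUDOERS):
        print(f"{user}: '{cmnd}' can spawn a root shell; use sudoedit or NOEXEC:")
```

The `sudoedit` and `NOEXEC:` entries in the sample are the two sudoers mechanisms that let a user edit a file with elevated rights without the editor being able to launch a root shell.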

