Full Disclosure mailing list archives
Re: OpenSSH is a good choice?
From: Carlos de Oliveira <carlos.oliv () gmail com>
Date: Tue, 21 Dec 2004 01:57:06 -0200
Thank you all for you attention! This helps me a lot. :-) On Mon, 20 Dec 2004 18:12:21 -0600, Kevin <kkadow () gmail com> wrote:
Nobody sitting on exploits for the current version of OpenSSH will share them in public. Of the available SSH servers, OpenSSH (if you deploy the latest version, with the latest OpenSSL library, and upgrade when new versions come out for either OpenSSL or OpenSSH) is the least likely to have remote exploits. The most secure deployment of OpenSSH is to run OpenSSH on OpenBSD on an architecture with W^X hardware support (Sparc/Sparc64/AMD64). Personally, I would be nervous about having a SSH listener on TCP/22 accessible from any Internet IP that cares to connect. You might consider putting your server behind some sort of IPSEC VPN if you are feeling paranoid. Kevin On Sat, 18 Dec 2004 01:49:39 -0200, Carlos de Oliveira <carlos.oliv () gmail com> wrote:Hi there! I am going to install OpenSSH in one of my servers, but I want to make sure it is secure. Does anybody know about vulnerabilites on OpenSSH, if yes, would you like to suggest me another remote secure shell ?
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- OpenSSH is a good choice? Carlos de Oliveira (Dec 20)
- Re: OpenSSH is a good choice? Andrew Farmer (Dec 20)
- Message not available
- Re: OpenSSH is a good choice? Carlos de Oliveira (Dec 21)
- Re: OpenSSH is a good choice? hutuworm (Dec 21)
- RE: OpenSSH is a good choice? ALD, Aditya, Aditya Lalit Deshmukh (Dec 21)
- RE: OpenSSH is a good choice? Ron DuFresne (Dec 21)
- Re: OpenSSH is a good choice? Willem Koenings (Dec 21)
- Re: OpenSSH is a good choice? Ron DuFresne (Dec 22)
- Re: OpenSSH is a good choice? Willem Koenings (Dec 23)
- Re: OpenSSH is a good choice? Ron DuFresne (Dec 23)
- Re: OpenSSH is a good choice? Ben Hawkes (Dec 24)
- Re: OpenSSH is a good choice? Willem Koenings (Dec 24)
- Re: OpenSSH is a good choice? Ron DuFresne (Dec 25)