Security for SSH
Stephen
stephen-d-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Fri Jun 10 19:46:43 UTC 2011
On 11-06-10 03:25 PM, Dave Germiquet wrote:
> I know SSH certificates verification is much better than password
> verification.
>
> However if the password is complex enough, is SSH vulnerable with
> password verification?
>
Until authentication is complete, there is no encryption.
So you are sending the password unencrypted, and it could be sniffed.
Stephen
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list