[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: SSHD - PasswordAuthentication no/yes

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Re: SSHD - PasswordAuthentication no/yes
From: "Andrew A" <gluttony@xxxxxxxxx>
Date: Wed, 29 Mar 2006 08:09:00 -0500

MITM is a big problem if your users don't have a functional understanding of
key fingerprint difference warnings and use clients like PuTTY that allow
you to accept a changed key with a single click.

On 3/28/06, winsoc <winsoc@xxxxxxxxxxxxxx> wrote:
>
> Hello List,
>
> not sure if this is a bit too off-topic. But I wanted to ask if there are
> any Security problems when PasswordAuthentication gets changed from no to
> yes on OpenSSH4.1
>
> Regards.
>
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] SSHD - PasswordAuthentication no/yes
  - From: winsoc

Prev by Date: Re: [Full-disclosure] Security Alert: Unofficial IE patches appear oninternet
Next by Date: Re: [Full-disclosure] Security Alert: Unofficial IE patches appear oninternet
Previous by thread: Re: [Full-disclosure] SSHD - PasswordAuthentication no/yes
Next by thread: [Full-disclosure] PHC: The 'Hack'ademy 2nd round
Index(es):
- Date
- Thread