This might be the monkey in the middle attack that dsniff contained a tool
for exploiting. But I'm not sure...
Tim
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of
> Ben Barrett
> Sent: Wednesday, August 15, 2001 4:21 PM
> To: [EMAIL PROTECTED]
> Subject: [EUG-LUG:2261] Re: ssh2
>
>
> I just switched (had a problem with and old sshd in the
> path's forefront
> after compiling and installing the latest OpenSSH!), but now
> my password
> is no longer accepted. I presume that I have some other
> problem (have had
> weird and improper behaviour of shadow file!!!), and I wish
> linux would
> work for me right now. I can still telnet and my password
> works fine...
> Anyone???
>
> a short shout out
>
> ben
>
> btw, all it says is "Note that protocol 1 lacks a strong mechanism for
> ensuring the integrity of the connection." That indicates an
> insufficient
> authentication process...? Has anyone seen or heard of ssh1 actually
> being taken advantage of? (What I'm asking is "IS IT A RISK?")
>
>
> On Wed, 15 Aug 2001, Jacob Meuser wrote:
>
> > > Pointers to web pages would be swell.
> >
> > http://www.openbsd.org/cgi-bin/man.cgi?query=ssh
> > http://www.openbsd.org/cgi-bin/man.cgi?query=sshd
>
