On Sat, Mar 08, 2008 at 09:05:59AM -0800, Gus Wirth wrote:
It's only secure if you control both ends of the connection. If you are using someone else's machine they could be running a key logger and you are still not secure.
If you use one-time-passwords with ssh, the keylogger won't get anything useful. You have to make sure everything involved is using the OTPs though, including things like sudo. If you're on a PAM system, OTP isn't that hard to set up, at least a basic, not all that secure one that requires you to print the passwords out. David -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
