Re: RES: Is SSH worth it??

2002-10-15 Thread Richard Caley
> #!/bin/sh > set agent =~/agent-info > if (-r agent) then > source $agent > else > echo "Can't find or read agent file" > exit 1 Just a couple of tweaks to this. I think it is useful to check if there is already an agent we can talk to and also to make the file per-host. What I do at the t

Re: RES: Is SSH worth it??

2002-10-15 Thread datadisk.security
Richard Caley wrote: >In article <[EMAIL PROTECTED]>, Andre >Guimaraes (ag) writes: > >ag> I dont like RSA without passwords caus if your machine gets >ag> compromised, the attacker would have root access to another >ag> machines in your network. > >Wouldn't the `Right' solution be to put a pass

Re: RES: Is SSH worth it??

2002-10-11 Thread Bailey Kong
> expect yes/no > send yes\r > expect assword > send my_password Isn't this bad? Just having the root password of another computer laying around in a file on your computer? What happens if you get compromised? The person instantly knows of another computer you control and its root password. Anyo

Re: RES: Is SSH worth it??

2002-10-10 Thread Robert Ramiega
On Tue, Oct 08, 2002 at 03:25:54PM -0300, Andre Guimaraes wrote: > I dont like RSA without passwords caus if your machine gets compromised, the > attacker would have root access to another machines in your network. > When I needed automated scripting using ssh and scp I used this programming > lan

Re: RES: Is SSH worth it??

2002-10-10 Thread Richard Caley
In article <[EMAIL PROTECTED]>, Andre Guimaraes (ag) writes: ag> I dont like RSA without passwords caus if your machine gets ag> compromised, the attacker would have root access to another ag> machines in your network. Wouldn't the `Right' solution be to put a passphrase on the private key and

RES: Is SSH worth it??

2002-10-10 Thread Andre Guimaraes
ask you for a url to more info on this expect language and it usage. Again many thanks -Original Message- From: Andre Guimaraes [mailto:[EMAIL PROTECTED]] Sent: 08 October 2002 19:26 To: Trevor Cushen; [EMAIL PROTECTED] Subject: RES: Is SSH worth it?? I dont like RSA without passwords ca

RES: Is SSH worth it??

2002-10-09 Thread Andre Guimaraes
I dont like RSA without passwords caus if your machine gets compromised, the attacker would have root access to another machines in your network. When I needed automated scripting using ssh and scp I used this programming language called EXPECT, perl includes a module that implements the expect la