On Tue, Feb 27, 2001 at 11:54:20PM +1100, Ian Tester wrote: > On Tue, 27 Feb 2001, chesty wrote: > > We were advised to turn sshd PasswordAuthentication off because it allows > > clear text passwords. > > hey? That doesn't sound right. > > from ssh(1): > If other authentication methods fail, ssh prompts the user for a pass- > word. The password is sent to the remote host for checking; however, > since all communications are encrypted, the password cannot be seen by > someone listening on the network. yeah but from my /etc/ssh/sshd_config: # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes So I'm confused... Dave -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
- Re: [SLUG] Firewall security audi... Umar Goldeli
- Re: [SLUG] Firewall security audit re... chesty
- Re: [SLUG] Firewall security audit report - advice. :) Umar Goldeli
- Re: [SLUG] Firewall security audit report - advice... Howard Lowndes
- Re: [SLUG] Firewall security audit report - ad... Umar Goldeli
- Re: [SLUG] Firewall security audit report Scott Howard
- Re: [SLUG] Firewall security audit report Umar Goldeli
- Re: [SLUG] Firewall security audit report Howard Lowndes
- Re: [SLUG] Firewall security audit report Umar Goldeli
- Re: [SLUG] Firewall security audit report Ian Tester
- Re: [SLUG] Firewall security audit report Dave Fitch
- Re: [SLUG] Firewall security audit report Howard Lowndes
- Re: [SLUG] Firewall security audit report Conrad Parker
- Re: [SLUG] Firewall security audit report Howard Lowndes
- Re: [SLUG] Firewall security audit report Conrad Parker
- Re: [SLUG] Firewall security audit re... Umar Goldeli
- Re: [SLUG] Firewall security audit report Herbert Xu
