[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Per domain/host options for sshd?

John Andersen wrote:
On Thursday 03 June 2004 22:50, Frank Steiner wrote:

Your logic is backward on this.  Why would you want to force people
to use passwords over un-trusted domains, when there is at least
some indication that passwords can be guessed by timeing.

When you have different logins with different passwords, hacking one
does not mean that you can login to the other, too. Excpect when you
install authorized keys between these two accounts. That's what we
want to prevent.

But to answer your question, I have never heard of such capability.

Hmm, likely it must be a hacking solution (different sshd, using sshrc etc.)


Dipl.-Inform. Frank Steiner   Web:  http://www.bio.ifi.lmu.de/~steiner/
Lehrstuhl f. Bioinformatik    Mail: http://www.bio.ifi.lmu.de/~steiner/m/
LMU, Amalienstr. 17           Phone: +49 89 2180-4049
80333 Muenchen, Germany       Fax:              -4054

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here