Remotely edit user disk quota
Wojciech Puchar
wojtek at wojtek.tensor.gdynia.pl
Sun May 31 08:43:56 UTC 2009
>> same user password somewhere else.
>
> The whole point of ssh is to prevent this sort of thing, by
> encrypting the message traffic over this insecure communication
> channel.
I think most people using ssh already know it. or maybe not?:)
An attacker may be able to intercept the encrypted
> traffic, but it will take a skilled cryptanalyst and a lot of CPU
> time -- or the attacker will have to be very lucky -- to decrypt
> the message and recover the passwords while they are still valid.
All of this things are strong enough to require billions of years to
crack or more.
>From the beginning my point of this discussion is to stop stupidly
repeating "golden rules" like
- program a is secure
- program b is insecure
- so just don't use program b
Because it teaches people not to think.
There are difference between "insecure program" and "program without extra
security".
> (You *do* change passwords periodically, don't you?)
Of course!
More information about the freebsd-questions
mailing list