Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.
On Fri, 9 May 2003 00:47, Emile van Bergen wrote:
> > I have my machines configured such that ssh can't provide administrative
> > access, and even if someone cracks sshd it can't grant such access. Then
> > after someone logs in via ssh they have to re-authenticate before getting
> > full access.
>
> This really leaves me wondering. Do you go through this trouble for
> *any* network,
If given the choice I do.
> even the small one between, say, your webserver farm and
> a MySQL server, which, ahum, incidentally also authenticates based on
> source IP, username and cleartext password?
In the one case where I have setup remote access to MySql it's not being used
for anything very important and no passwords or other security information
goes into it.
Given a choice I'd use SSL for that too.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: