[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#192416: ITP: rsh-redone -- Reimplementation of remote shell tools.

On Fri, 9 May 2003 00:47, Emile van Bergen wrote:
> > I have my machines configured such that ssh can't provide administrative
> > access, and even if someone cracks sshd it can't grant such access.  Then
> > after someone logs in via ssh they have to re-authenticate before getting
> > full access.
>
> This really leaves me wondering. Do you go through this trouble for
> *any* network,

If given the choice I do.

> even the small one between, say, your webserver farm and
> a MySQL server, which, ahum, incidentally also authenticates based on
> source IP, username and cleartext password?

In the one case where I have setup remote access to MySql it's not being used 
for anything very important and no passwords or other security information 
goes into it.

Given a choice I'd use SSL for that too.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page
Reply to: