Re: ssh for dos
>>>>> Ionutz Borcoman writes:
IB> But can I trust that program ? How do I know the guy that posted
IB> that binary didn't hacked it and every time I connect, my
IB> password and account isn't e-mailed to him ? Actually this is my
IB> concern.
Run a web server on the same box as your sshd. Install MindTerm (a
GPLed Java SSH-1 client, http://www.mindbright.se/mindterm/)
somewhere on the site, and run a Java-capable browser on your friend's
OS instead of his installed binary.
This downloads the MindTerm applet, and allows you to connect to the
sshd.
It works for me, and it's as secure as the Java browser and your web
connection (use SSL to download the applet!). I think fewer people
are willing to try hacking a backdoor into Java than they are into a
binary that they know will be used for the specific purpose of secure
logins.
Boycott ssh! Use MindTerm and help with lsh (an SSH-2 implementation,
http://www.lysator.liu.se/~nisse/archive/), that is if you can
understand the wacky homegrown C object system it uses. ;)
--
Gordon Matzigkeit <gord@fig.org> //\ I'm a FIG (http://www.fig.org/)
Committed to freedom and diversity \// I use GNU (http://www.gnu.org/)
Reply to:
- References:
- ssh for dos
- From: Ionutz Borcoman <borco@borco-ei.eng.hokudai.ac.jp>