North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: telnet vs ssh on Core equipment , looking for reasons why ?
- From: Scott Francis
- Date: Tue Jul 31 18:32:20 2001
On Tue, Jul 31, 2001 at 11:48:55AM -0400, firstname.lastname@example.org exclaimed:
> warning: Executing /opt/bin/ssh1 for ssh1 compatibility.
> Host key not found from the list of known hosts.
> !! If host key is new or changed, ssh1 protocol is vulnerable to an
> !! attack known as false-split, which makes it relativily easy to
> !! hijack the connection without the attack being detected. It is
> !! highly advisable to turn StrictHostKeyChecking to "yes" and
> !! manually copy host keys to known_hosts.
> Are you sure you want to continue connecting (yes/no)?
> It does not matter what kind of security system you have if you dont bother
> to actually engage it.
Amen to that.
Scott Francis darkuncle@ [home:] d a r k u n c l e . n e t
Systems/Network Manager sfrancis@ [work:] t o n o s . c o m
UNIX | IP networks | security | sysadmin | caffeine | BOFH | general geekery
GPG public key 0xCB33CCA7 illum oportet crescere me autem minui
Description: PGP signature