When I want to get into my Linux computer from Windows machines at school I use a program called Putty. You all have probably heard of it. Anyway Putty has two MAJOR security issues. The first is that the default protocol for connecting to computers is telnet, which you all know is not secure! Second, if you choose SSH protocol, it defaults to SSHv1, which you all probably know is not secure too. I have not tried to snoop SSHv1 session yet but I hear there are tools out there that make it real easy. Doesn't this seem like a horrible security problem to anyone else?
Announcement
Collapse
No announcement yet.
Putty security holes
Collapse
X
-
Originally posted by kidlinuxWhen I want to get into my Linux computer from Windows machines at school I use a program called Putty. You all have probably heard of it. Anyway Putty has two MAJOR security issues. The first is that the default protocol for connecting to computers is telnet, which you all know is not secure! Second, if you choose SSH protocol, it defaults to SSHv1, which you all probably know is not secure too. I have not tried to snoop SSHv1 session yet but I hear there are tools out there that make it real easy. Doesn't this seem like a horrible security problem to anyone else?45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
[ redacted ]
-
You can also take this a step further by telling your server (the one running sshd) to not even speak SSH1 and to reject those that do.
I return whatever i wish . Its called FREEDOWM OF RANDOMNESS IN A HECK . CLUSTERED DEFEATED CORn FORUM . Welcome to me
Comment
-
Originally posted by noidYou can also take this a step further by telling your server (the one running sshd) to not even speak SSH1 and to reject those that do.
Once again noid speaks the most wisely...
It is easy as hell to do.
Edit the sshd_config and uncomment the Protocols line. Then delete anything other than the number 2.
Then HUP the sshd and you're in bidnesses.
See attached screenshot.
This ends my uncharacteristic spoonfeeding session for today.Last edited by Chris; December 4, 2003, 14:29.perl -e 'print pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
Comment
-
Originally posted by noidYou can also take this a step further by telling your server (the one running sshd) to not even speak SSH1 and to reject those that do.
Comment
-
Originally posted by kidlinuxWow thanks that is a great idea. I will edit my config to only allow SSH2 on my server, then I don't even have to fix Putty!
Comment
-
Originally posted by kidlinuxWow thanks that is a great idea. I will edit my config to only allow SSH2 on my server, then I don't even have to fix Putty!45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B0
45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B1
[ redacted ]
Comment
Comment