idpt0000

Icon

SSH Security Cautions

Although SSH is designed to be more secure, there is still risk using it in enterprise :

Since SSH-1 has inherent design flaws which make it vulnerable to, e.g., man in the middle attacks, it is now generally considered obsolete and should be avoided by explicitly disabling fallback to SSH-1. While most modern servers and clients support SSH-2, some organizations still use software with no support for SSH-2 making it hard to avoid the use of SSH-1.

In all versions of SSH, it is important to verify unknown public keys before accepting them as valid. Accepting an attacker’s public key as a valid public key has the effect of disclosing the transmitted password and allowing man in the middle attacks.

As with any encrypted protocol SSH can be considered a security risk by companies or governments who do not trust their users. Furthermore SSH has built in tunneling features which make it easier for users to achieve passage of large volumes of information or to establish an entry point for unauthorized inward access over a SSH link than with other protocols.

from Wikipedia

Filed under: 走在最前

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

RSS 極力推介

  • An error has occurred; the feed is probably down. Try again later.

Tweets

%d bloggers like this: