ssh encryption strength
William Kreuter
billyk at u.washington.edu
Sun Feb 6 10:27:17 PST 2000
On Sun, 6 Feb 2000, R. David Whitlock wrote:
> OK, I'm going to show my ignorance here, but I'm curious: What's
> the difference between this and just setting your display to another
> machine?
I think that Dave Dittrich can explain this well. My loose
understanding is that using ssh's encrypted X forwarding avoids some
big security holes that the X protocol otherwise presents.
What I've never understood, though, is what the difference is between
using an SSH passphrase and not using it. I don't know what
additional security, if any, is provided by the passphrase -- or, if
it makes no difference in security, then why the passphrase concept is
even there. What is clear is that I must never have a passphrase set
if I want to use ssh in any kind of automated setting such as a
crontab or as a replacement for imap, and I do both of those all the
time.
William Kreuter, Senior Computer Specialist, University of Washington
Ctr. for Cost & Outcomes Research, 146 N. Canal St. #300, Seattle, WA 98103
billyk at u.washington.edu http://staff.washington.edu/billyk/
voice or voice mail: 206-543-5007 fax: 206-543-5318 mailstop: 358853
More information about the Linux
mailing list