search for: calanai

Displaying 2 results from an estimated 2 matches for "calanai".

Did you mean: calanais
2001 Feb 24
6
SU vs. ssh root@host
All-- su cannot be run without trusting the shell. The shell cannot be trusted without trusting any instructions the shell uses, from library calls to rc scripts. Hell, the instructions the shell uses can't even be trusted, since they're all living in userspace memory. By contrast, SSHD is generally a root owned, highly secure environment with no unpriveledged userspace
2002 Apr 12
0
Logging of passwords in plaintext in syslog
Hi, I'm running OpenSSH_3.0p1 and have discovered the following issue.. When using verbose logging and password authentication, if I mistakenly enter the password instead of the username then this is logged in syslog in plain text. I realise that I shouldn't do this ;-), but most OS's native utilities prevent logging the username in this situation. See below for an extract..