[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: How safe is SU?

To: misc@openbsd.org
Subject: Re: How safe is SU?
From: "Chris K. Young" <cky@pobox.com>
Date: 4 Sep 2000 07:21:42 +1200
Mail-Followup-To: misc@openbsd.org
Mail-Reply-To: young1@hedgee.com
References: <39AFDEA4.73258D4B@use.net>

Quoted from A farmer using BSD, eh!:
> - is SU process encrypted?

Not of itself. You can run it under SSH though.

> - Can SU password be intercepted in LAN, even if SU process is
> encrypted?

Yes.

> - related: Is root login still unsafe by any chance?

Yes.

If ``interception'' is your only worry, you can consider using
one-time passwords (the OpenBSD FAQ has a chapter on this).

If, on the other hand, you're also paranoid about session takeovers,
then you'd better use SSH or the like.

	---Chris K.
-- 
 Chris, the Young One |_ but what's a dropped message between friends? 
  Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H. 
http://cloud9.hedgee.com/ |_ Robinson, IV

Follow-Ups:
- Re: How safe is SU?
  - From: "A farmer using BSD, eh!" <GreenNeck@use.net>

References:
- How safe is SU?
  - From: "A farmer using BSD, eh!" <GreenNeck@use.net>

Prev by Date: Re: xauth, xhost, and xinit (was Re: GNOME.)
Next by Date: Re: How safe is SU?
Prev by thread: How safe is SU?
Next by thread: Re: How safe is SU?
Index(es):
- Date
- Thread