Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.os.linux.misc > #36637

Re: Is It Time To Replace SSH ???

Subject Re: Is It Time To Replace SSH ???
Newsgroups comp.os.linux.misc
References (10 earlier) <87358yhg79.fsf@usenet.ankman.de> <AI-dncidY4wo2jP-nZ2dnZfqnPSdnZ2d@earthlink.com> <tomso8$luhn$14@dont-email.me> <oHGrL.168664$vBI8.52779@fx15.iad> <toni7k$okhm$4@dont-email.me>
From "26C.Z969" <26C.Z969@noaada.net>
Date 2022-12-31 00:32 -0500
Message-ID <6oWdncjmn6DHVDL-nZ2dnZfqnPadnZ2d@earthlink.com> (permalink)

Show all headers | View raw

On 12/30/22 3:38 PM, The Natural Philosopher wrote:
> On 30/12/2022 19:09, Charlie Gibbs wrote:
>> On 2022-12-30, The Natural Philosopher <tnp@invalid.invalid> wrote:
>>
>>> On 30/12/2022 02:06, 26C.Z969 wrote:
>>>
>>>> But I'm not sure if there's a good way to make it easy
>>>>     for the good guys and hell for the others. Everyone
>>>>     from the giant tech corps on down have been looking,
>>>>     but so far ......
>>
>> All too many people punt on this one.  Because they don't
>> have any bad guys handy to run tests, they measure security
>> by how much it inconveniences legitimate users instead.
>> For such people, security consists of giving yourself the
>> warm fuzzies, rather than actually accomplishing anything.
>>
>>> There is.
>>>
>>> Its simple, and its well known.
>>> Its called a 'shared secret'
>>> Passwords that are your birthday can be shared but they are not secret.
>>> Passwords that are the numberplate of your first car, are pretty secure.
>>> As are long but memorable phrases like
>>> "My.horses.a$$.is.full.of.hovercraft!"
>>> Stupid people confuse easily remembered with easily crackable.
>>>
>>> I have had passwords from my pet cats name to the first thing I saw
>>> looking out of the window in a London data centre. Red.Bus! is
>>> memorable, but quite tough to brute force or dictionary attack
>>
>> https://xkcd.com/936/
>>
> In a nutshell


   Using pure "dictionary words" is a bit risky. If you
   wanna go that way it should be a "nonsense phrase"
   of some kind, preferably with weird capitalization
   like "PooPyForKs" or something.

   A couple of years ago I watched a dictionary attack
   on a mail server in action for a few DAYS. You'd be
   surprised what words/phrases they tried. Somewhere I
   have a record of everything they attempted ... it's
   like 700 pages of small print.

   (thing is, they had an obsolete USER NAME and 'admin'
   was only for local-network logins :-)

Back to comp.os.linux.misc | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-15 01:52 -0500
  Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-15 08:39 +0000
    Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-15 10:09 +0000
      Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-15 18:33 -0500
        Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:19 +0000
          Re: Is It Time To Replace SSH ??? Roger Blake <rogblake@iname.invalid> - 2022-12-19 00:12 +0000
            Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:05 +0000
      Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-16 18:21 +0000
        Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-17 07:03 +0000
        Re: Is It Time To Replace SSH ??? Pancho <Pancho.Jones@proton.me> - 2022-12-19 15:46 +0000
          Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 16:30 +0000
            Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:27 +0000
          Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:10 +0000
            Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:26 +0000
    Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-16 00:11 -0500
      Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-16 09:11 +0100
      Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:22 +0000
      Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-16 18:26 +0000
  Re: Is It Time To Replace SSH ??? Lew Pitcher <lew.pitcher@digitalfreehold.ca> - 2022-12-15 14:55 +0000
    Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-16 00:16 -0500
      Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:26 +0000
        Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-17 20:49 -0500
      Re: Is It Time To Replace SSH ??? Popping Mad <rainbow@colition.gov> - 2022-12-26 19:45 -0500
        Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-27 23:32 -0500
  Re: Is It Time To Replace SSH ??? Marco Moock <mo01@posteo.de> - 2022-12-15 18:03 +0100
    Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-15 18:36 -0500
      Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-16 00:28 -0500
        Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-16 01:33 -0500
          Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-17 02:08 -0500
            Re: Is It Time To Replace SSH ??? Rich <rich@example.invalid> - 2022-12-17 14:21 +0000
              Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-28 01:23 -0500
                Re: Is It Time To Replace SSH ??? not@telling.you.invalid (Computer Nerd Kev) - 2022-12-29 07:37 +1000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-29 00:02 -0500
                Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-29 01:33 -0500
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-29 21:06 -0500
                Re: Is It Time To Replace SSH ??? Robert Riches <spamtrap42@jacob21819.net> - 2022-12-30 04:16 +0000
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-30 14:33 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 00:23 -0500
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 00:12 -0500
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-30 14:31 +0000
                Re: Is It Time To Replace SSH ??? Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2022-12-30 19:09 +0000
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-30 20:38 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 00:32 -0500
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 01:00 -0500
                Re: Is It Time To Replace SSH ??? Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2022-12-31 20:14 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2023-01-01 00:17 -0500
        Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:21 +0000
      Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:20 +0000
        Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-16 10:30 +0100
          Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:38 +0000
            Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-16 18:29 +0000
              Re: Is It Time To Replace SSH ??? Marc Haber <mh+usenetspam1118@zugschl.us> - 2022-12-16 21:44 +0100
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-17 07:05 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-17 02:31 -0500
                Re: Is It Time To Replace SSH ??? Robert Heller <heller@deepsoft.com> - 2022-12-17 12:59 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 00:22 -0500
                Re: Is It Time To Replace SSH ??? Computer Nerd Kev <not@telling.you.invalid> - 2022-12-19 17:50 +1000
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-19 10:13 +0000
                Re: Is It Time To Replace SSH ??? Rich <rich@example.invalid> - 2022-12-17 14:25 +0000
                Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-18 00:51 +0100
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-18 11:16 +0000
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-18 12:02 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-18 20:57 -0500
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-19 10:05 +0000
                Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-19 12:24 +0100
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:08 +0000
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:24 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-20 22:57 -0500
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-21 09:35 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-24 21:29 -0500
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-28 09:06 +0000
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:18 +0000
                Re: Is It Time To Replace SSH ??? Marc Haber <mh+usenetspam1118@zugschl.us> - 2022-12-18 14:21 +0100
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-18 21:08 -0500
                Re: Is It Time To Replace SSH ??? "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2022-12-19 00:30 -0500
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:26 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 22:17 -0500
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 21:40 -0500
                Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-19 12:27 +0100
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 21:46 -0500
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-17 08:58 +0000
                Re: Is It Time To Replace SSH ??? Ted Heise <theise@panix.com> - 2022-12-20 14:24 +0000
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 16:14 +0000
                Re: Is It Time To Replace SSH ??? Ted Heise <theise@panix.com> - 2022-12-20 20:58 +0000
          Re: Is It Time To Replace SSH ??? not@telling.you.invalid (Computer Nerd Kev) - 2022-12-17 07:58 +1000
          Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-16 21:24 -0500
            Re: Is It Time To Replace SSH ??? "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2022-12-17 02:03 -0500
              Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-17 03:47 -0500
                Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-17 12:43 +0100
                Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-17 20:13 -0500
                Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-18 23:35 +0100
                Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-18 18:47 -0500
                Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-19 00:59 +0100
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-29 00:32 -0500
                Re: Is It Time To Replace SSH ??? "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2022-12-17 10:30 -0500
                Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-17 20:20 -0500
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-23 22:36 -0500
                Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-23 23:26 -0500
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:14 -0500
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-26 20:01 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 16:59 -0500
                Re: Is It Time To Replace SSH ??? Computer Nerd Kev <not@telling.you.invalid> - 2022-12-24 14:37 +1000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:44 -0500
                Re: Is It Time To Replace SSH ??? not@telling.you.invalid (Computer Nerd Kev) - 2022-12-27 08:33 +1000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 17:58 -0500
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:51 -0500
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-24 13:49 +0000
                Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:29 -0500
              Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-17 12:41 +0100
  Re: Is It Time To Replace SSH ??? Popping Mad <rainbow@colition.gov> - 2022-12-26 19:41 -0500
    Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-27 00:20 -0500
      Re: Is It Time To Replace SSH ??? Popping Mad <rainbow@colition.gov> - 2023-01-10 19:52 -0500
        Re: Is It Time To Replace SSH ??? gazelle@shell.xmission.com (Kenny McCormack) - 2023-01-13 21:21 +0000
          Re: Is It Time To Replace SSH ??? Rich <rich@example.invalid> - 2023-01-13 23:03 +0000
            Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2023-01-13 21:48 -0500
            Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 03:39 +0000
            Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2023-01-14 10:40 +0000
            Re: Is It Time To Replace SSH ??? Pancho <Pancho.Jones@proton.me> - 2023-01-14 11:14 +0000
              Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2023-01-14 11:39 +0000
                Re: Is It Time To Replace SSH ??? Pancho <Pancho.Jones@proton.me> - 2023-01-14 14:04 +0000
                Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2023-01-14 14:28 +0000
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 15:26 +0000
          Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 03:38 +0000
            Re: Is It Time To Replace SSH ??? "26C.Z968" <26C.Z968@noaada.net> - 2023-01-14 01:47 -0500
              Re: Is It Time To Replace SSH ??? Dan Espen <dan1espen@gmail.com> - 2023-01-14 11:24 -0500
                Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 16:57 +0000

csiph-web