Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.misc > #36533
| Subject | Re: Is It Time To Replace SSH ??? |
|---|---|
| Newsgroups | comp.os.linux.misc |
| References | <y-ycndVmEZmnWQf-nZ2dnZfqn_WdnZ2d@earthlink.com> <tnfch7$33uu5$1@dont-email.me> <dM6cnVBFo_qAYgb-nZ2dnZfqnPGdnZ2d@earthlink.com> <tnhdk8$3bglv$6@dont-email.me> |
| From | "26C.Z969" <26C.Z969@noaada.net> |
| Date | 2022-12-17 20:49 -0500 |
| Message-ID | <xaSdnffGtOpZ7AP-nZ2dnZfqn_idnZ2d@earthlink.com> (permalink) |
On 12/16/22 4:26 AM, The Natural Philosopher wrote: > On 16/12/2022 05:16, 26C.Z969 wrote: >> On 12/15/22 9:55 AM, Lew Pitcher wrote: >>> On Thu, 15 Dec 2022 01:52:41 -0500, 26C.Z969 wrote: >>> >>>> SSH is a good oldie for sure. However, it seems to be increasingly >>>> unfit >>>> for the modern realities. >>> [snip] >>>> I mean REPLACE it entirely with a clean new solution. Too much >>>> feature-creep on old apps is never a good idea. >>> >>> While I don't agree with you (I think that your observed problems >>> are likely caused more by operator error than aged software), I >>> have no problems with YOU attempting to replace ssh with something >>> better. Have at it, my friend. >>> >>> Once YOU write a stable and featurefull replacement for ssh, please >>> let us know. >>> >>> Luck be with you >> >> In the end I may HAVE to ... but not my idea >> of fun. Replacing SSH really needs to be a >> "community effort" drawing from a lot of >> expertise and experience with broad agreement >> involved. >> >> Or is all this already behind the curve ? SO much >> access is now via browser-based apps. >> >> SolarWinds will sell you some great stuff .... >> > > Just build a wrapper - a sort of modern inetd - that requires > simultaneous access on three ports to open one of them to any service. "Port knocking" and relatives are nothing new. And yes, they WILL keep out the rabble, unless the rabble is motivated to monitor every packet coming in and out for days/weeks and the spend a lot longer in analysis. But every layer also adds "inconvenience" for the legit users. They also need custom software to, for example, light up the correct other ports so they can access the real one. Thing is, any human can, looking at the usual kinds of logs, immediately spot an aggressor. Computers normally don't see that however - so perhaps a broader solution is to make it so they CAN ... apply a little "AI" ... what does an attack "look like" ? > Proper packaged port knocker. Might already be one. There are. > SSH is a perfectly adequate protocol that only purists find inadequate. Ten years ago I'd have agreed ... but now with massive distributed attacks becoming the norm even for the script kiddies ........ The inbuilt defenses of SSH just weren't made for those sorts of attacks. You can add wrappers, then more wrappers, until you have a fragile mess - but a ground-up replacement seems "better" somehow. And "security" is never "purist" ... it's VITAL.
Back to comp.os.linux.misc | Previous | Next — Previous in thread | Next in thread | Find similar
Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-15 01:52 -0500
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-15 08:39 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-15 10:09 +0000
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-15 18:33 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:19 +0000
Re: Is It Time To Replace SSH ??? Roger Blake <rogblake@iname.invalid> - 2022-12-19 00:12 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:05 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-16 18:21 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-17 07:03 +0000
Re: Is It Time To Replace SSH ??? Pancho <Pancho.Jones@proton.me> - 2022-12-19 15:46 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 16:30 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:27 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:10 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:26 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-16 00:11 -0500
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-16 09:11 +0100
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:22 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-16 18:26 +0000
Re: Is It Time To Replace SSH ??? Lew Pitcher <lew.pitcher@digitalfreehold.ca> - 2022-12-15 14:55 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-16 00:16 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:26 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-17 20:49 -0500
Re: Is It Time To Replace SSH ??? Popping Mad <rainbow@colition.gov> - 2022-12-26 19:45 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-27 23:32 -0500
Re: Is It Time To Replace SSH ??? Marco Moock <mo01@posteo.de> - 2022-12-15 18:03 +0100
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-15 18:36 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-16 00:28 -0500
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-16 01:33 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-17 02:08 -0500
Re: Is It Time To Replace SSH ??? Rich <rich@example.invalid> - 2022-12-17 14:21 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-28 01:23 -0500
Re: Is It Time To Replace SSH ??? not@telling.you.invalid (Computer Nerd Kev) - 2022-12-29 07:37 +1000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-29 00:02 -0500
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-29 01:33 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-29 21:06 -0500
Re: Is It Time To Replace SSH ??? Robert Riches <spamtrap42@jacob21819.net> - 2022-12-30 04:16 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-30 14:33 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 00:23 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 00:12 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-30 14:31 +0000
Re: Is It Time To Replace SSH ??? Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2022-12-30 19:09 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-30 20:38 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 00:32 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-31 01:00 -0500
Re: Is It Time To Replace SSH ??? Charlie Gibbs <cgibbs@kltpzyxm.invalid> - 2022-12-31 20:14 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2023-01-01 00:17 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:21 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:20 +0000
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-16 10:30 +0100
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-16 09:38 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-16 18:29 +0000
Re: Is It Time To Replace SSH ??? Marc Haber <mh+usenetspam1118@zugschl.us> - 2022-12-16 21:44 +0100
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-17 07:05 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-17 02:31 -0500
Re: Is It Time To Replace SSH ??? Robert Heller <heller@deepsoft.com> - 2022-12-17 12:59 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 00:22 -0500
Re: Is It Time To Replace SSH ??? Computer Nerd Kev <not@telling.you.invalid> - 2022-12-19 17:50 +1000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-19 10:13 +0000
Re: Is It Time To Replace SSH ??? Rich <rich@example.invalid> - 2022-12-17 14:25 +0000
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-18 00:51 +0100
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-18 11:16 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-18 12:02 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-18 20:57 -0500
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-19 10:05 +0000
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-19 12:24 +0100
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 09:08 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:24 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-20 22:57 -0500
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-21 09:35 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-24 21:29 -0500
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-28 09:06 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:18 +0000
Re: Is It Time To Replace SSH ??? Marc Haber <mh+usenetspam1118@zugschl.us> - 2022-12-18 14:21 +0100
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-18 21:08 -0500
Re: Is It Time To Replace SSH ??? "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2022-12-19 00:30 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-19 11:26 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 22:17 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 21:40 -0500
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-19 12:27 +0100
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-19 21:46 -0500
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-17 08:58 +0000
Re: Is It Time To Replace SSH ??? Ted Heise <theise@panix.com> - 2022-12-20 14:24 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2022-12-20 16:14 +0000
Re: Is It Time To Replace SSH ??? Ted Heise <theise@panix.com> - 2022-12-20 20:58 +0000
Re: Is It Time To Replace SSH ??? not@telling.you.invalid (Computer Nerd Kev) - 2022-12-17 07:58 +1000
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-16 21:24 -0500
Re: Is It Time To Replace SSH ??? "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2022-12-17 02:03 -0500
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-17 03:47 -0500
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-17 12:43 +0100
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-17 20:13 -0500
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-18 23:35 +0100
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-18 18:47 -0500
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-19 00:59 +0100
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-29 00:32 -0500
Re: Is It Time To Replace SSH ??? "David W. Hodgins" <dwhodgins@nomail.afraid.org> - 2022-12-17 10:30 -0500
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-17 20:20 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-23 22:36 -0500
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2022-12-23 23:26 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:14 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-26 20:01 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 16:59 -0500
Re: Is It Time To Replace SSH ??? Computer Nerd Kev <not@telling.you.invalid> - 2022-12-24 14:37 +1000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:44 -0500
Re: Is It Time To Replace SSH ??? not@telling.you.invalid (Computer Nerd Kev) - 2022-12-27 08:33 +1000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 17:58 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:51 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2022-12-24 13:49 +0000
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-26 01:29 -0500
Re: Is It Time To Replace SSH ??? "Carlos E. R." <robin_listas@es.invalid> - 2022-12-17 12:41 +0100
Re: Is It Time To Replace SSH ??? Popping Mad <rainbow@colition.gov> - 2022-12-26 19:41 -0500
Re: Is It Time To Replace SSH ??? "26C.Z969" <26C.Z969@noaada.net> - 2022-12-27 00:20 -0500
Re: Is It Time To Replace SSH ??? Popping Mad <rainbow@colition.gov> - 2023-01-10 19:52 -0500
Re: Is It Time To Replace SSH ??? gazelle@shell.xmission.com (Kenny McCormack) - 2023-01-13 21:21 +0000
Re: Is It Time To Replace SSH ??? Rich <rich@example.invalid> - 2023-01-13 23:03 +0000
Re: Is It Time To Replace SSH ??? Andreas Kohlbach <ank@spamfence.net> - 2023-01-13 21:48 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 03:39 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2023-01-14 10:40 +0000
Re: Is It Time To Replace SSH ??? Pancho <Pancho.Jones@proton.me> - 2023-01-14 11:14 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2023-01-14 11:39 +0000
Re: Is It Time To Replace SSH ??? Pancho <Pancho.Jones@proton.me> - 2023-01-14 14:04 +0000
Re: Is It Time To Replace SSH ??? Richard Kettlewell <invalid@invalid.invalid> - 2023-01-14 14:28 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 15:26 +0000
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 03:38 +0000
Re: Is It Time To Replace SSH ??? "26C.Z968" <26C.Z968@noaada.net> - 2023-01-14 01:47 -0500
Re: Is It Time To Replace SSH ??? Dan Espen <dan1espen@gmail.com> - 2023-01-14 11:24 -0500
Re: Is It Time To Replace SSH ??? The Natural Philosopher <tnp@invalid.invalid> - 2023-01-14 16:57 +0000
csiph-web