[svlug] SSH password question

James W. Abendschan jwa at jammed.com
Fri Nov 6 22:52:51 PST 1998

Previous message: [svlug] SSH password question
Next message: [svlug] SSH password question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 6 Nov 1998, Hans Cathcart wrote:
> I'm using SSH to log into my servers, but I'm also using POP to check my
> mail. Since both SSH and POP look at the /etc/passwd file, I see a security
> problem. If someone traps my POP session password, which is not encrypted,
> they can then log in through SSH. Is there an easy, straight-forward way of
> having different passwords?

You can always use ssh's port forwarding option to create a secure channel
through which you can tunnel things like POP.  ie:

	ssh secure.net. -L 2110:pop.secure.net:110

..will make port 2110 on the local host redirect to port 110 on pop.secure.net 
over an encrypted channel.  Then point fetchmail (or whatever) at 
localhost:2110 to fetch your mail via POP3.

An alternative is to implement APOP (cucipop and qpopper both support this.)
The sniffers will still be able to read your mail, but they won't
be able to sniff your password.

James

--
James W. Abendschan
http://www.jammed.com/
I want the TCP/IP equivalent of a Rat Thing.

--
echo "unsubscribe svlug" | mail majordomo at svlug.org
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ to unsubscribe

Previous message: [svlug] SSH password question
Next message: [svlug] SSH password question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list