Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


WARNINGS | 17 comments | Create New Account
Click here to return to the 'WARNINGS' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
WARNINGS
Authored by: brontide on Sep 11, '07 08:42:58AM

1) You must secure *ALL* accounts with a password before enabling ssh 'Remote Access' or you are leaving your system open. Note, even though the sshd_config appears to prohibit empty passwords it's a bug in pam support that Apple has know about for YEARS!

2) MacFusion has a serious security issues with textual passwords stored in the keychain for ssh mounts. MacFusion will happily disclose the password to any application/script running within your context.

3) SSHKeychain before 0.8.1 also had some major security issues that have been resolved.

The most secure way to do this is to use ssh keys to authenticate ( which you should be using anyways ) rather than plain text passwords.



[ Reply to This | # ]