I am not sure if my understanding of (Open)ssh is
accurate so I am putting this to the list.
Here is the scenario and I want to know how safe my
sessions via ssh are?
On the server is OpenSSH 3.4p1 SSH protocols 1.5/2.0.
I generated a key for [EMAIL PROTECTED] and a password. So
logging in is $ssh -i identity-me(servername)key
me@(serverdomainname.com)
Enter passphrase for RSA key 'identity.....key
after entering password for key I am now logged in as
reg user. There are no root logins allowed via ssh. So
now as reguser I can su to root after entering root
password. Auto-logouts after about 15 minutes of
inactivity. Though when I was having alot of problems
with connectivity I would keep ssh session open by
doing "ping -i 15 myhomepc.mydomain" . It seems that
the time issues and connectivity issues were bios
powermanagement issues that I have resolved. The
question still remains in my mind though- With the
above scenario- ssh with key & RSA password, no root
log-in & LIDS how safe is having a session open for
hours?
Any comments/opinions?
Thanks
__________________________________
Do you Yahoo!?
Read only the mail you want - Yahoo! Mail SpamGuard.
http://promotions.yahoo.com/new_mail
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
