9 Jan
2002
9 Jan
'02
21:55
You might browse this paper: "Timing Analysis of Keystrokes and Timing Attacks on SSH" by Dawn Xiaodong Song, David Wagner, and Xuqing Tian. 10th USENIX Security Symposium, 2001. They're from UCB and they're smart. PostScript: http://www.cs.berkeley.edu/~daw/papers/ssh-use01.ps PDF: http://www.cs.berkeley.edu/~daw/papers/ssh-use01.pdf Matt Hubbard wrote:
List,
If I su to root after logging in via ssh then I am still transmitting my root password (although it is encrypted). From a security standpoint, what's the difference in exposure?
Matt Hubbard
PS - Thanks for the great feedback!
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com