14 Jun
2005
14 Jun
'05
15:46
Hello all: The sshd_config file says (/etc/ssh/sshd_config) that: # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no I have a question regarding this. Does this mean that if I enable password authentication (change it to yes) and login to a computer via ssh using login name and password combination, the login name and password are sent as clear text (and easily can be sniffed)? I always thought that everything sent through the ssh channel is encypted, even the password and login name. Was I wrong? Please explain it. Thanks, IG