Re: [suse-security] dns-Spoofing and ssh?

On Thu, Mar 30, 2006 at 10:28:02AM +0200, Moskito wrote:

Hello List,

Hello.

I just wondered how a dns-spoofing attack to ssh could work in general?

It's useful when using Rhosts authentication which do not use any crypto but mimics the Berkley r-commands. Note: Do NOT use Rhosts authentication. ;) -- Bye, Thomas -- Thomas Biege , SUSE LINUX, Security Support & Auditing -- Self-preservation considerations prevented the author from exploring the effects of rebooting the multi-user Unix machines. -- Peter Gutmann