Mailing List Archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Remote Backups and Command Line Stuff



essertier wrote:
> Jim wrote:
> 
>> You will want to learn how to use rsync and ssh separately 
>> and together anyway, so keep studying them. 
>>
>> ssh can do many many things. 
>>
> 
> I read a little more about ssh.  Sounds great.
> The only thing I wonder is, "Is it really that secure?"  Is it as secure
> as PGP?

Yes and no.

Yes, as encryption system.

No, if you use it the wrong way. Using ssh in scripts means you will not
input manually passwords. If you cross-allow these accesses in your
network, this could be an issue, obviously (one could access your whole
network from one host, should he get an access).

I also saw the crazy situation where admins decided to give root access
to the whole network from an unique "secured" machine.
In that case, an attacker would need only to find a way to attack this
particular machine to get immediate access to 3,000 servers. Too easy in
open space offices.

You should also take care of any home directory share. If you share your
drive (nfs), potentially anybody could become "you", and potentially get
your credentials.

br.

-- 
GPG Key: 653514E5 (http://www.raoult.com/gpg)
--
"Bon, puisque tout le monde a oublié son maillot, voilà ce que je vous
propose..."
   -- Moïse

Attachment: signature.asc
Description: OpenPGP digital signature


Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links