On Fri, 3 Apr 1998 dmcewen @
> SSH provides security via encryption, so it makes it much harder to
> snoop your data including userid and password. However, if some one is
> able to comprimise your userid/password, then you have made the
> firewall a joke because it is so easy to tunnel other protocols via
> ssh. I'd suggest that inbound ssh only be done with strong auth such
> as SecurID.
It should be noted that you can disable this tunnelling feature
by using 'no-port-forwarding'. Also compromising the userid and
password is a lot harder than it sounds since it is encrypted. Somebody
would have to be looking over your shoulder. But, it's a good point.
Doug Hughes Engineering Network Services
System/Net Admin Auburn University