| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: carlos.oliv at gmail.com (Carlos de Oliveira) Subject: OpenSSH is a good choice? Thank you all for you attention! This helps me a lot. :-) On Mon, 20 Dec 2004 18:12:21 -0600, Kevin <kkadow@...il.com> wrote: > Nobody sitting on exploits for the current version of OpenSSH will > share them in public. > > Of the available SSH servers, OpenSSH (if you deploy the latest > version, with the latest OpenSSL library, and upgrade when new > versions come out for either OpenSSL or OpenSSH) is the least likely > to have remote exploits. > > The most secure deployment of OpenSSH is to run OpenSSH on OpenBSD on > an architecture with W^X hardware support (Sparc/Sparc64/AMD64). > > Personally, I would be nervous about having a SSH listener on TCP/22 > accessible from any Internet IP that cares to connect. You might > consider putting your server behind some sort of IPSEC VPN if you are > feeling paranoid. > > Kevin > > > On Sat, 18 Dec 2004 01:49:39 -0200, Carlos de Oliveira > <carlos.oliv@...il.com> wrote: > > Hi there! > > > > I am going to install OpenSSH in one of my servers, but I want to make > > sure it is secure. > > Does anybody know about vulnerabilites on OpenSSH, if yes, would you > > like to suggest me another remote secure shell ? >
Powered by blists - more mailing lists