LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Is SSH alone secure? (https://www.linuxquestions.org/questions/linux-newbie-8/is-ssh-alone-secure-4175476217/)

Altiris 09-06-2013 02:25 PM
Is SSH alone secure?
 
I have a CentOS 6.4 box and I use SSH when I am away to read some log files from the FTP and mail server and also to restart some services or just check if the server is online. The SSH I am talking about is when I can log into a server and am presented with a terminal/command line only interface. Is this secure, meaning, does it work like how VNC and RDP work, sending your password in plain text through the internet or no? If not, can I setup SSL with it or something?

Keith Hedger 09-06-2013 02:38 PM
If you are worried about security set up public/private keys which avoid the problem of passwords and I think use 128bit encryption but even so this
Code:
...Finally, if other authentication methods fail, ssh prompts the user for a
    password.  The password is sent to the remote host for checking; however,
    since all communications are encrypted, the password cannot be seen by
    someone listening on the network...
from the man page would point to paswwords being reasonably secure ( depending on the password of course "abc123" is NOT a good password ).

In these situations the manpage is your friend!

Jenni 09-06-2013 02:41 PM
Quote:
Originally Posted by Altiris (Post 5023230)
I have a CentOS 6.4 box and I use SSH when I am away to read some log files from the FTP and mail server and also to restart some services or just check if the server is online. The SSH I am talking about is when I can log into a server and am presented with a terminal/command line only interface. Is this secure, meaning, does it work like how VNC and RDP work, sending your password in plain text through the internet or no? If not, can I setup SSL with it or something?
I think SSHv2 uses mostly the same encryption that SSL uses anyway. SSHv1 (which has fallen out of use mostly, for good reason) is less secure. to disable SSHv1 support go to your /etc/ssh_config file and change the protocol line to:

# Protocol 2

This will disallow use of the less secure older protocol. (By default on many systems 2 and 1 are enabled)

Altiris 09-06-2013 02:59 PM
Oh okay so SSH is secure then, sweet. I will be doing SSH tunneling for RDP and VNC now.

szboardstretcher 09-06-2013 07:49 PM
Is SSH alone secure?
 
ssh requires the openssl library. ssh stands for secure shell. you are fine. its encrypted.


All times are GMT -5. The time now is 09:45 AM.