accessing my linux box via telnet

Tim Chase blinux.list at
Thu May 3 15:35:05 UTC 2007

>> Another alternative is to use a one-time password (OTP)
> true, but if you then would use s - to get a root-shell the
> root-password would still go cleartext over the net and
> connection hijacking is a serious possibility (even so
> man-in-the-middle attacks)

The moral of that story is that if you use OTP, it's only for 
authentication, not for encryption.  Thus, don't do anything 
confidential over the line.  That includes typing passwords, 
reading confidential email, berating your boss, making 
death-threats, etc.

Connection hijacking/MITM injection attacks are also a 
possibility and a far more serious matter if on the wild 
internet.  One might want to create a remote-access user in a 
chroot jail that you can use, only providing the utilities that 
you'd need/want remotely and that don't access confidential 
information.   This does cut down on the usefulness of the whole 
matter, but if you just want to remotely access a small selection 
of files, OTP+chroot might be a good way to be safely access even 
over a telnet connection.


More information about the Blinux-list mailing list