How safe is SSH? [closed] - security

Closed 12 years ago.
I wonder how safe SSH is, especially in the state of authentication/initializing. Is there any way for a hacker to sniff some "hashkeys" or stuff to decrypt my stream? Or is SSH completely safe, with no yet known bugs or weaknesses?
I read some text on that topic, but almost all of them don't cover such special cases. At best they only tell to use ssh instead of telnet.
Thanks

SSH-1 is vulnerable to man-in-the-middle attacks.
SSH-2 can be vulnerable but usually only if you're accepting dodgy third party public keys, or not patching known implementation bugs.

Due to the nature of the asymmetric encryption used in SSH, nothing transmitted over the wire can be used to decrypt your communication, if you're only trusting the correctly signed public keys and using SSH-2.

Related

encrypt sensitive information [closed]

Closed 4 years ago.
I want to build a web site which at the backend uses node.js express.js and couchdb which will store some sensitive information. I want to know how is it possible to encrypt sensitive information and store it in couchdb. What is the most secure way to encrypt the data?
Thank you
Yes, it is possible. Almost all languages support cryptography either directly or indirectly.
NodeJS provides a crypto module:
"The crypto module provides cryptographic functionality that includes a set of wrappers for OpenSSL's hash, HMAC, cipher, decipher, sign, and verify functions."
For reference, visit: https://nodejs.org/api/crypto.html
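As an added illustration (not part of the answer above), this is one way to encrypt a single sensitive field with the Node.js crypto module before the document is saved to CouchDB. The field name `taxId`, the sample document and the in-memory key are assumptions; a real key would be loaded from a secret store kept outside the database.

```javascript
const crypto = require('node:crypto');

// Assumption: a 32-byte key loaded from a secret store or environment
// variable, never stored in CouchDB. Random here so the example runs.
const KEY = crypto.randomBytes(32);

// Encrypt one field with AES-256-GCM. The document _id is bound in as
// additional authenticated data (AAD), so a ciphertext copied into a
// different document fails to decrypt.
function encryptField(plaintext, docId, key = KEY) {
  const iv = crypto.randomBytes(12); // fresh nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(docId, 'utf8'));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return {
    alg: 'aes-256-gcm',
    iv: iv.toString('base64'),
    tag: cipher.getAuthTag().toString('base64'),
    ct: ct.toString('base64'),
  };
}

function decryptField(box, docId, key = KEY) {
  const iv = Buffer.from(box.iv, 'base64');
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAAD(Buffer.from(docId, 'utf8'));
  decipher.setAuthTag(Buffer.from(box.tag, 'base64'));
  // final() throws if the ciphertext, the tag or the docId was altered.
  const pt = Buffer.concat([
    decipher.update(Buffer.from(box.ct, 'base64')),
    decipher.final(),
  ]);
  return pt.toString('utf8');
}

// Constructed sample document: only the sensitive field is encrypted,
// the rest stays queryable in CouchDB views.
function buildDoc(id, name, taxId) {
  return { _id: id, name, taxId: encryptField(taxId, id) };
}

const doc = buildDoc('user:1001', 'Alice Example', 'constructed-secret-123');
console.log(JSON.stringify(doc));              // what CouchDB would store
console.log(decryptField(doc.taxId, doc._id)); // original value
```

The encrypted field cannot be indexed or searched by CouchDB, so keep anything you need to query on in a separate, non-sensitive field.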

SSH to remote server [closed]

Closed 7 years ago.
This could be a very easy question. I have read some articles but I cannot fit those articles to my situation:
I have from remote.com server a pair of private and public keys (.ppk) for user 'dummy'.
I am in some Unix server (AIX 7.1) and I want to do:
ssh dummy@remote.server with prompt the login
We don't know the password; they just provided the keys to log in to the server.
What do we have to do?
Just in case: we don't have puttygen and we are not allowed to install it. Do we have to ask for PEM format keys?
Making some assumptions:
That the people who have given you the public/private key pair have set up the remote server "dummy" account appropriately
The version of SSH on your local UNIX server is OpenSSH (or something similar)
You need to save the private key you have been given somewhere safe on the filesystem, but this needs to be in the format the local SSH client understands - and for this you will need to run it through 'puttygen'. Does not have to be on the local server, just somewhere to get the right format of key.
ssh -i <identity-file> dummy@<servername>
should do the trick.

Are files and texts readable for the NSA in video streams like remote desktop? [closed]

Closed 9 years ago.
I was wondering about the following: if I access another computer over a video stream (maybe like remote desktop), could the NSA read the websites and texts from that stream, even though only video is transmitted?
Thanks!
Remote Desktop, as in RDP, does not stream video. Unlike other remote desktop software, RDP actually uses kernel-level access, which is why RDP is so much smoother than a lot of the software that uses images.
RDP is vulnerable to man-in-the-middle attacks, but this is pretty unlikely to happen to you unless you are a highly valuable target. You can use SSL to prevent this sort of thing.
Regardless of all of that, your question seems to be about image-based remote desktop. You are, I think, correct in your assumption that the images are difficult to read vs. just intercepting plain text/html/etc. If the transmission was intercepted, they could "play it back" if it was not encrypted, and see what happened. The thing is, even if the transmission between you and the remote host is secure, what about the transmission between the host and the internet? It is likely that whatever you are doing can be traced to the host, and then to you.

How is it possible that I can use LastPass from more than one computer? [closed]

Closed 10 years ago.
Tell me if I'm wrong: LastPass can never see my passwords, because they are encrypted with a key that stays in my own computer?
Then how is it possible that I can use my passwords from another computer?
My only guess is that the key is the password I use to log in to LastPass, or at least it is generated based on it, so it is related in some way. So when I log in to LastPass from another computer, the same key is created on that computer.
The key is derived from a password you input. They use PBKDF2 with a user defined number of iterations according to their website.
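The derivation described in the answer, as an added example that is not LastPass code: every computer recomputes the same key from what the user types plus public parameters, so the key itself never has to be stored or sent. The salt choice (account e-mail), SHA-256, the 32-byte key length and the sample account are assumptions made for the illustration.

```javascript
const crypto = require('node:crypto');

// Assumptions (not from the page): the account e-mail is the salt, the hash
// is SHA-256 and the key is 32 bytes. The iteration count is the
// user-defined setting the answer mentions.
function deriveVaultKey(masterPassword, accountEmail, iterations) {
  // The salt must be byte-identical on every machine, so normalise it.
  const salt = Buffer.from(accountEmail.trim().toLowerCase(), 'utf8');
  return crypto.pbkdf2Sync(masterPassword, salt, iterations, 32, 'sha256');
}

// What the service hands to a new computer: public parameters only,
// no key and no password. Constructed sample account.
const serverRecord = { email: 'alice@example.com', iterations: 100100 };

// Each computer derives the key locally from what the user types.
function loginOn(computerName, typedPassword, record = serverRecord) {
  const key = deriveVaultKey(typedPassword, record.email, record.iterations);
  return { computerName, key };
}

// Constant-time comparison of two derived keys.
function sameKey(a, b) {
  return a.key.length === b.key.length && crypto.timingSafeEqual(a.key, b.key);
}

const home = loginOn('home-pc', 'correct horse battery staple');
const work = loginOn('work-laptop', 'correct horse battery staple');
const typo = loginOn('work-laptop', 'correct horse battery stapler');
// A device that still uses an old iteration count derives a different key,
// so the count has to be fetched from the service before deriving.
const stale = loginOn('old-phone', 'correct horse battery staple',
  { ...serverRecord, iterations: 5000 });

console.log('home == work :', sameKey(home, work));   // same inputs, same key
console.log('home == typo :', sameKey(home, typo));   // wrong password
console.log('home == stale:', sameKey(home, stale));  // outdated iterations
```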

Autoblock ip on bruteforce attack on root (linux) [closed]

Closed 11 years ago.
I noticed recently that I have many login attempts, over 2 million and counting. This is surely a brute force attack.
How can I auto block ip for 15 minutes on root ssh access failure?
I don't need a firewall; just a small option to activate this security feature.
What do you suggest?
I suggest using SSH keys and not using passwords at all. Even if you don't do that I recommend disabling SSH logins as root directly. Either way you won't have to worry about your problem. Remember that if you block IPs on failed login attempts then you'll have to worry about denial of service that can allow anyone to deny you access to your own machine if he's behind the same NAT as you, etc. Also any attacker worth his salt would just distribute the attack across many IPs anyway.
fail2ban (works out of the box, and works quite nicely)
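To make the trade-off in the answers above concrete, here is an added sketch of per-IP temporary banning run over constructed log lines. It is not fail2ban's code: the thresholds `MAX_RETRY` and `FIND_TIME`, the simplified epoch-seconds log format and the sample addresses are assumptions, and only the 15-minute ban comes from the question.

```javascript
// Assumed thresholds; only the 15-minute ban is taken from the question.
const MAX_RETRY = 5;        // failures tolerated inside the window
const FIND_TIME = 600;      // sliding window, seconds
const BAN_TIME = 15 * 60;   // ban length, seconds

// Simplified log format: "<epoch seconds> sshd[pid]: Failed password ..."
const FAILED_ROOT =
  /^(\d+) sshd\[\d+\]: Failed password for root from (\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2$/;

// Replays a log and returns the bans that would have been issued, plus the
// number of later attempts that fell inside an active ban.
function simulateBans(lines) {
  const recent = new Map();       // ip -> failure timestamps inside FIND_TIME
  const bannedUntil = new Map();  // ip -> time the ban expires
  const bans = [];
  let blocked = 0;
  for (const line of lines) {
    const m = FAILED_ROOT.exec(line);
    if (!m) continue;             // ignore everything except root failures
    const t = Number(m[1]);
    const ip = m[2];
    if ((bannedUntil.get(ip) ?? 0) > t) { blocked++; continue; }
    const hits = (recent.get(ip) ?? []).filter((ts) => t - ts < FIND_TIME);
    hits.push(t);
    recent.set(ip, hits);
    if (hits.length >= MAX_RETRY) {
      bannedUntil.set(ip, t + BAN_TIME);
      bans.push({ ip, from: t, until: t + BAN_TIME });
      recent.delete(ip);
    }
  }
  return { bans, blocked };
}

// Constructed sample logs (documentation address ranges).
const line = (t, ip) =>
  `${t} sshd[4242]: Failed password for root from ${ip} port 50000 ssh2`;
// Eight failures from one address, two seconds apart.
const singleSource = Array.from({ length: 8 }, (_, i) => line(1000 + 2 * i, '203.0.113.7'));
// Twenty failures, each from a different address: no per-IP threshold is hit.
const distributed = Array.from({ length: 20 }, (_, i) => line(1000 + 2 * i, `198.51.100.${i + 1}`));

console.log(simulateBans(singleSource)); // one ban, three attempts blocked
console.log(simulateBans(distributed));  // no bans at all
```

The second result is why the first answer prefers key-only authentication and no direct root login: those hold regardless of how many source addresses are involved, and they cannot lock out a legitimate user who shares a NAT address with the source of the failures.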
