[ale] possible ssh compromise?

David Corbin dcorbin at machturtle.com
Mon Nov 24 12:17:10 EST 2003


John Wells wrote:

>Ok....someone sanity check me here...
>
>
>I'm sshing into my home box and mistype my password a few times (fat
>fingered morning).
>
>Here's what it looks like:
>
>$ ssh myuser at myhome.net
>Password:
>Password:
>Password:
>myuser at myhome.net's password:
>myuser at myhome.net's password:
>myuser at myhome.net's password:
>Received disconnect from 66.22.42.XX 2: Too many authentication failures
>for myuser
>
>So, if I mistype the password 6 times, I get the following scenario above.
>
>If I ssh to a box on the local lan here at work, I instantly get
>myuser at mylocalhost's password:
>
>3 times, then failure.
>
>no "Password:" only prompts.
>
>Still, it seems to me that I've used ssh a lot in the past and only gotten
>simply "Password:".
>
>I'm wondering if this is some configuration thing I've set incorrectly or
>something else.  My home machine is a Red Hat 7.3 system.
>
>Course, it could be wishful thinking...and I could be compromised.  Any
>insight?
>
>Thanks!
>John
>
>  
>

I get "user at host's password:" on my box, which I 'm sure is as safe as 
safe can be for a box that is ultimately network reachable.

>_______________________________________________
>Ale mailing list
>Ale at ale.org
>http://www.ale.org/mailman/listinfo/ale
>
>  
>




More information about the Ale mailing list