Threats SSH Doesn’t Prevent
SSH isn’t a total security solution. We’ll now present some examples of attacks that SSH wasn’t designed to prevent.
3.10.1 Password Cracking
SSH dramatically improves password security by encrypting your password as it passes over the network. Nevertheless, a password is still a weak form of authentication, and you must take care with it. You must choose a good password, memorable to you but not obvious to anyone else, and not easily guessable. You must also avoid having your password stolen, since possession alone is sufficient to grant access to your account. So, watch out: the guy at the next terminal might be surreptitiously “shoulder surfing” (watching as you type). That computer kiosk you’re about to use may have been tricked up to log all keystrokes to Cracker Central Command. And the nice-sounding fellow who calls from Corporate IT and asks for your password to “fix your account” might not be who he claims.
Consider public-key authentication instead, since it is two-factor : a stolen passphrase is useless without the private-key file, so an attacker needs to steal both. Of course, the SSH client on the computer you’re borrowing can be rigged to squirrel away your key after you blithely supply your passphrase to decrypt it. If you’re that worried, you shouldn’t use strange computers. In the future, one hopes, cryptographic smartcards and readers will be ubiquitous and supported by SSH so that you can carry your keys conveniently and use them in ...