Active Topics
-
Is there a section to talk about Java ME? Apps, etc. (7)
to General by teroyk - 21 hrs, 26 mins ago - more...
| The Following User Says Thank You to davost For This Useful Post: | ||
 |
|
2009-12-03
, 01:08
|
|
Posts: 67 |
Thanked: 17 times |
Joined on Nov 2009
@ Germany
|
#22
|
Originally Posted by hqh
now in extra-testing, feel free to test and help me to get this wonderful piece of software ported well
Irssi appears to be already in extras-devel. I haven't tried it though, as I prefer to use IRC over ssh on a remote machine.
http://maemo.org/packages/package_in...irssi/0.8.14-1
note: you can switch with ctrl+n or ctrl+p from one to another window, don't ask how you can switch to windownumber x.
i did not binded it, reason: everyone think that his opinon of mapping the keys right is the best. it's irssi, so feel free to bind your keys like YOU want
| The Following User Says Thank You to detective For This Useful Post: | ||
|
|
2009-12-03
, 01:30
|
|
Posts: 174 |
Thanked: 71 times |
Joined on Aug 2007
|
#23
|
Originally Posted by davost
The renegotiation exploit doesn't give a man in the middle your private key and has absolutely NO impact on the security of ssh in this context.
Granted, ssh is very useful, I use it a lot. But I only have it enabled when and where I really need it. As a matter of fact you are not really safe. Just consider TLS. The foundation of almost all web security. That was considered safe until the renogatiation weakness was discovered not many months ago.
The renegotiation exploit allows a man in the middle to establish their own valid ssl connection (NOT ssh) to a server that accepts public requests, and then forward your new attempt as a renegotiation.
| The Following User Says Thank You to dick-richardson For This Useful Post: | ||
 |
|
2009-12-03
, 01:52
|
|
Posts: 445 |
Thanked: 572 times |
Joined on Oct 2009
@ Oxford
|
#24
|
Originally Posted by CrashandDie
It's perfectly true in principle that username's aren't a secret, but in practice the attacks I usually see are dumb dictionary attacks, not targetted thoughtful ones; if you've got systems that need to allow password auth then limiting the available usernames does reduce the chance of one of them getting a lucky hit. If you're keys only then it doesn't make much difference, but then I've had a machine that I thought was set to keys only get compromised because it turned out not to be, and a dictionary attack did get lucky.
Actually, the "one username only makes it secure" is a myth. A username isn't a secret, and it shouldn't be treated as one. Yes, my username on my boxes is "slauwers". Yes, my boxes are exposed to the wild wild web.
As a rule I like a security setup that can take the occasional balls-up without falling to pieces.
Originally Posted by davost
Not as well though. Your phone's likely to be hopping from network to network as you move around and that will break open tcp connections. With irssi running in screen on a machine with a stable connection your IRC session keeps running - you need to reconnect to it, but it doesn't keep popping on and off IRC. Aside from being generally more friendly that means that it captures conversation that takes place while you're disconnected, so you can catch up when you're back online.
As a conclusion though. If I find that I frequently need to access my home computer when I'm on the go. Well then I would open up my router for ssh. But for IRC which could be run as a client on the phone itself?
I just think you are better of with a defensive approach to security. And "a one-in-a-million event" of SSH getting cracked? I would say a one-in-fifty event, and still worry that I underestimate the risk.
| The Following User Says Thank You to ewan For This Useful Post: | ||
 |
|
2009-12-03
, 02:27
|
|
Posts: 670 |
Thanked: 359 times |
Joined on May 2007
|
#25
|
Originally Posted by ewan
Er, debian
Seriously - one in fifty what? SSH in general and OpenSSH in particular is open to the internet on an enormous number of machines and has been for a long time. It's a hugely high profile target, and has an excellent track record of security.
__________________
Class .. : Lame hacker & beardy boffin
Humour . : [#######---] Alignment: Apathetic anarchist
Patience : [####------] Weapon(s): My cat, my code.
Agro ... : |#---------] Relic(s) : N900, MacBookPro, NSLU2, N800, SheevaPlug, Eee-901, Core2-Quad, PS3
"In theory, theory and practice are the same. In practice, they're not."
--
Beware of extras-devel.
Class .. : Lame hacker & beardy boffin
Humour . : [#######---] Alignment: Apathetic anarchist
Patience : [####------] Weapon(s): My cat, my code.
Agro ... : |#---------] Relic(s) : N900, MacBookPro, NSLU2, N800, SheevaPlug, Eee-901, Core2-Quad, PS3
"In theory, theory and practice are the same. In practice, they're not."
--
Beware of extras-devel.
| The Following User Says Thank You to fnordianslip For This Useful Post: | ||
|
|
2009-12-03
, 02:32
|
|
Posts: 174 |
Thanked: 71 times |
Joined on Aug 2007
|
#26
|
Originally Posted by fnordianslip
Are you referring to the vulnerability that led to a certain percentage of ssh keys that were easier to brute-force than others and was fixed within the week with no known loss?
Er, debian
| The Following User Says Thank You to dick-richardson For This Useful Post: | ||
|
|
2009-12-03
, 02:39
|
|
Posts: 670 |
Thanked: 359 times |
Joined on May 2007
|
#27
|
Originally Posted by dick-richardson
Yes, precisely. You seem to be impressed by the fact that it was fixed. I suppose that's what you get from hanging around here
Are you referring to the vulnerability that led to a certain percentage of ssh keys that were easier to brute-force than others and was fixed within the week with no known loss?
I was mostly poking fun at the actual cause of the problem.
__________________
Class .. : Lame hacker & beardy boffin
Humour . : [#######---] Alignment: Apathetic anarchist
Patience : [####------] Weapon(s): My cat, my code.
Agro ... : |#---------] Relic(s) : N900, MacBookPro, NSLU2, N800, SheevaPlug, Eee-901, Core2-Quad, PS3
"In theory, theory and practice are the same. In practice, they're not."
--
Beware of extras-devel.
Class .. : Lame hacker & beardy boffin
Humour . : [#######---] Alignment: Apathetic anarchist
Patience : [####------] Weapon(s): My cat, my code.
Agro ... : |#---------] Relic(s) : N900, MacBookPro, NSLU2, N800, SheevaPlug, Eee-901, Core2-Quad, PS3
"In theory, theory and practice are the same. In practice, they're not."
--
Beware of extras-devel.
| The Following User Says Thank You to fnordianslip For This Useful Post: | ||
|
|
2009-12-05
, 12:05
|
|
Posts: 48 |
Thanked: 19 times |
Joined on Sep 2009
|
#28
|
After using Irssi since getting the tip in this thread I have come to the conclusion that irssi must be quite a power hog. Having 3g on, WLAN off, bluetooth off, gps off and no widgets on the desktop but irssi on all the time my battery drains in 7-8 hours. After charging my phone I'm going to run one battery cycle without irssi on to see if it still drains the battery as fast.
As a potential sollution I'm already looking at getting a dd-wrt compatible wlan router instead of the one I have now so that I can install irssi on it and ssh to the router with my phone. My friends running irssi on his server and is sshing to it with his n900, he had it on last night (10 hours) and it drained only 15% of his battery.
Anyone else with simmilar experience?
As a potential sollution I'm already looking at getting a dd-wrt compatible wlan router instead of the one I have now so that I can install irssi on it and ssh to the router with my phone. My friends running irssi on his server and is sshing to it with his n900, he had it on last night (10 hours) and it drained only 15% of his battery.
Anyone else with simmilar experience?
| The Following User Says Thank You to MaxiKana For This Useful Post: | ||
 |
|
2009-12-05
, 16:02
|
|
Posts: 780 |
Thanked: 855 times |
Joined on Sep 2009
@ Helsinki, Finland
|
#29
|
Originally Posted by davost
Because you'll be able to continue your IRC sessions everywhere, on your work computer, home computer, laptop, N900, S60 smartphone.And without any reconnecting and join/quit spam for other users. It'll also collect all your private messages and also all other conversations.
Hey, let's say we disagree on some things. And leave the rest of the discussion to future thread where it isn't off topic.
As a conclusion though. If I find that I frequently need to access my home computer when I'm on the go. Well then I would open up my router for ssh. But for IRC which could be run as a client on the phone itself? I just think you are better of with a defensive approach to security. And "a one-in-a-million event" of SSH getting cracked? I would say a one-in-fifty event, and still worry that I underestimate the risk.
Use a strong password, or even better, a keypair.
__________________
My blog (mostly about my themes)
My blog (mostly about my themes)
| The Following User Says Thank You to joppu For This Useful Post: | ||
|
|
2009-12-13
, 19:29
|
|
Posts: 1 |
Thanked: 1 time |
Joined on Dec 2009
|
#30
|
Originally Posted by MaxiKana
I have an Asus WL-500W with dd-wrt keeping up my irssi in screen, and it is really really nice. Now I have a new N900 and of course I ssh with it to the Asus, screen and irssi.
As a potential sollution I'm already looking at getting a dd-wrt compatible wlan router instead of the one I have now so that I can install irssi on it and ssh to the router with my phone. My friends running irssi on his server and is sshing to it with his n900, he had it on last night (10 hours) and it drained only 15% of his battery.
Anyone else with simmilar experience?
There is two problems with using irssi with N900: (Could someone help with these.)
- No Alt key - Is this somehow doable?
- Scandinavian characters missing - how can I get them work?
| The Following User Says Thank You to anttu For This Useful Post: | ||
As a conclusion though. If I find that I frequently need to access my home computer when I'm on the go. Well then I would open up my router for ssh. But for IRC which could be run as a client on the phone itself? I just think you are better of with a defensive approach to security. And "a one-in-a-million event" of SSH getting cracked? I would say a one-in-fifty event, and still worry that I underestimate the risk.