SSH and privacy

SSH and privacy

Post by Mads Bac » Fri, 22 Jan 1999 04:00:00




> Excuse a somewhat newbie question - anyhow..........

> I'm using F-secure SSH and I was wondering - how can I tell my
> forwardings really are "secured"?

> I mean, looking into my ISP's server with eg the ps, top, w and
> other commands - at first I saw some sshd1 and stuff related to ssh.
> But now, I do not see any evidence that my sessions are "ssh-secured"
> - only that I'm utilizing tcsh.

If you can do a 'netstat -a | grep [name of your machine here]', you
should see a line that looks something like this this:
novodny.22               potempkin.1021 32120      0  8760      0
ESTABLISHED
        ^^- (might instead be ssh)
(where novodny is the server, and potempkin is my machine)

This shows that I'm connected to the ssh port (#22), and thus secured.
If you instead saw something like:

trotsky.login               potempkin.2044 8576      0  9112      0
ESTABLISHED
        ^^^^^
that would mean you were not secured in any way.

Quote:> The ssh-config states that fallback is enabled - does this
> imply that -  if my F-Secure SSH and the ISP's SSH-prog do not
> work together - my forwardings are as open as without ssh, even
> though my ssh-prog sais "Compression" and "3DES"?

Well, I've not really used F-Secure SSH for Windows (which it sounds
like you're using) that much, but ssh for for unix tells you that it's
reverting to an insecure connection.

Quote:> With access to the remote UNIX-server - what commands, files
> and such can give me a better picture of what's going on?

netstat -a is a good bet...

Kind Regards
Mads Bach

"It is better merely to live one's life,
realizing one's potential,
rather than wishing
for sanctification." (remove NoSpam.)
               - Lao Tzu, "Tao Te Ching"