3 Jan
2012
3 Jan
'12
3:58 p.m.
On Tue, Jan 3, 2012 at 12:48 AM, Bennett Haselton bennett@peacefire.org wrote:
You can also set up openvpn on the server and control ports like ssh to only be open to you if you are using an openvpn client to connect to the machine.
True but I travel a lot and sometimes need to connect to the machines from subnets that I don't know about in advance.
Have you ever typed your password on a machine you didn't control? Or even one that was not completely secure (i.e. could have had a hardware keylogger attached, or a software key logger installed by a trojan, virus, or wifi hack)? If so, you might be missing the most likely possibility for someone having your password: simply grabbing it as you type before ssh gets a chance to encrypt it.
--
Les Mikesell
lesmikesell@gmail.com