http://www-hera-b.desy.de/subgroup/computing/sshinst.html
Why?
Because every password you type after using rsh
, rlogin
, xrsh
, xrlogin
, telnet
, or ftp
is transmitted as clear ASCII text over the network. This way, any root user running a simple tool to dump the TCP/IP traffic can collect passwords. These tools come with a number of operating systems. Different from the above, ssh
offers you encryption of all information transmitted in your session.
Although ssh
comes with the SUSE Linux distribution, it is always a good idea to get the latest release from http://www.cs.hut.fi/ssh/ or the German mirror ftp://ftp.cert.dfn.de/pub/tools/net/ssh. As of this writing, this is ssh-1.2.26.tar.gz of 10-July-1998. The archive comes with a PGP signature.