> > can't use Secure Shell, you might want to try One-Time Password packages,
> > such as OPIE. I believe that even WU-FTP is starting to support one time
> > passwords, too.
>
> Uhm, secure shell is not the answer to all problems. It WILL revert to an
> unsecure protocol if the other end can not establish an encrypted session.
The idea is to make sure all machines use Secure Shell. I know this isn't
always possible, but we don't live in an ideal world. :)
> Also, it is still just as easy to log in with a cracked password. About
> the only thing it is really great at is making sure that the other machine
> really has permission for a password-less login. Still, even THIS can be
> hacked if someone has gotten onto the machine in the past and snarfed a
> copy of your public ssh key.
Hence the One-Time Password suggestion. Either way, better to have/use
SSH than use telnet/ftp/r{login,sh,exec}.
-Ossama
