Explore top 10 tips to secure your open-source projects now. Read More
×
Unfortunately, this is no longer the case, according to an advisory that was sent out by the Openwall Project and that discusses weaknesses in the SSH-1 and SSH-2 protocols. Although attackers may not be able to "read" transmitted data sent in a Secure Shell session, it's possible that they could guess the length of passwords and shell commands. The captured data could be used to try brute-force attacks on passwords. It should be noted, however, that it is still preferable to utilize encrypted protocols.
The link for this article located at UnixReview is no longer available.