ehh.. those are very unsubstantial claims... Are you suggesting SSH is cryptographically broken and ignoring that it has far more production use in the wild than anything else?
Speed I'd give you sure, but the kind of things one would use it for is not going to be noticeable
It's probably a better Linux 101 to understand the vast capabilities inherent to SSH and get the user terminal maxxing
101 sats \ 0 replies \ @Hakuna 11 Jul
I'm not suggesting the cryptography is broken, but having an ongoing SSH root tunnel exposes unnecessary attack vectors. Terrapin was just the recent one, and I'm in favor to not have my ssh in the open at all.
Yes you can FW restrict the access to specific ip ranges, but then you're back into the configuration and security overhead you intended to avoid in the first place.
Read my summary, I think it's a valid option, but I wouldn't want this for my production routing node running for 4 years 24/7
reply