Keep SSH Sessions Active, Or Reconnect?

borjonx writes "Is it safer to log out of an SSH session, and re-establish it later, or just keep the connection open? Like many of you, I use OpenSSH to connect to my Slackware Linux boxes remotely from Linux and WinXP (putty.exe) clients. At home and at work, I wonder if it would be safer to just leave the connection open (my clients are physically secured, the servers limit connections with hosts.allow). Is it more secure to re-establish the connection over an insecure link (big bad internet) where people can sniff that handshaking, or is it more secure to just remain connected? I connect 1 to 4 times per day, most days."

Re:screen

[mysidia]

I'll agree owch.

But you're quoting a vulnerability in a piece of software that was patched 3 years ago, in response to an article about running PuTTy on a Windows system.

A windows system that today likely has so many unpatched 0-day vulnerabilities, that they can't be counted, not even on all the current and past Windows developers' fingers, put together.

This is just a variant of tried-and-true character-based attacks against terminals. Smart people use mesg n on multi-user systems, especially when running as root.

Re:tag: youarentthatimportant - WTF?

[BitZtream]

This is the same messageboard that wants https for everything, even for this board.

Really? My url shows http:/// for slashdot.

And on top of it, it is full of nerds that tend to love to go into this kind of obscure detail.

Which is why it has multiple tags, not one. Its also why there are a bunch of posts to this story stating/arguing/comparing the various features and possible ways that it might go bad. The tag didn't change anything from happening, it just provides additional, potentially useful metadata for the future.

The metadata is human provided and human re-enforced metadata that even when its wrong, almost always turns out more useful than anything machine generated. People often search for the wrong then only to be educated along the way as to what they really should be looking to find. 'bad' meta data like this has helped me find more on search engines than anything else, when a tag shows on the front page its because its popular with the people viewing the content, meaning that if I'm looking for that type of content, I'm more likely to use that term (maybe not in this specific case I'll admit) for my search, even though it is clearly incorrect for what I'm looking for.

The art of searching, with the help of metadata is more often than you would imagine facilitated by 'incorrect' or 'bad', plain and simple. This particular bit is entirely unlikely to hurt anyones search anyway.

I know I've searched for 'aren't that important' and 'isn't important' in direct relation to cryptography, this tag may actually have helped me.

And then tag it "you aren't that important" implying "what are you worried about", or with a little further stretch "you have nothing to hide, so don't bother". This is quite ridiculous.

It implies a 'from a practical standpoint, it doesn't matter what you do'. He isn't that important, if he was, he wouldn't be asking. Yes, thats an annoying way to look at it, but thats reality. Now he may be asking for purely informative reasons, in which case, everyone is still giving him the answer, so the tag doesn't matter.

It's denigrating at best.

I guess I'm stupid, but what? Okay, so I looked it up, but really, are you going out of your way to use rarely used words?

It's stupid, and shows lack of respect for other people.

Yes, calling someone stupid and disrespectful for being stupid and disrespectful makes perfect sense, you are truely my hero.

I'm all for calling people stupid, retarded, not that important or whatever when the shoe fits, but in most cases (and I'm making an exception here) I try not to do the exact same thing as the guy I'm calling stupid WHILE I'm calling him stupid. I like you though, so ... god your post was stupid.