Slashdot Mirror


Keep SSH Sessions Active, Or Reconnect?

borjonx writes "Is it safer to log out of an SSH session, and re-establish it later, or just keep the connection open? Like many of you, I use OpenSSH to connect to my Slackware Linux boxes remotely from Linux and WinXP (putty.exe) clients. At home and at work, I wonder if it would be safer to just leave the connection open (my clients are physically secured, the servers limit connections with hosts.allow). Is it more secure to re-establish the connection over an insecure link (big bad internet) where people can sniff that handshaking, or is it more secure to just remain connected? I connect 1 to 4 times per day, most days."

1 of 307 comments (clear)

  1. Re:screen by mysidia · · Score: 1, Flamebait

    I'll agree owch.

    But you're quoting a vulnerability in a piece of software that was patched 3 years ago, in response to an article about running PuTTy on a Windows system.

    A windows system that today likely has so many unpatched 0-day vulnerabilities, that they can't be counted, not even on all the current and past Windows developers' fingers, put together.

    This is just a variant of tried-and-true character-based attacks against terminals. Smart people use mesg n on multi-user systems, especially when running as root.