Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Real examples of ssh password logins being Owned
1 point by danieltillett on May 10, 2018 | hide | past | favorite
I know it is standard security practice to disable ssh password logins, but does anyone know of any real life examples where someone with a strong, non-shared password [0] was owned via the ssh login path? If so how was this accomplished?

0. By strong I mean passwords with enough entropy that brute force is not an option and non-shared means not been used on other services or shared (willingly or unwillingly) with anyone else.



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: