Jonathan Corbet writes: [stuff about SSH deleted]
When my local ISP found a password sniffer running on his machine and went into red alert, I just smiled and didn't bother to change my passwords on hosts I had logged into via the ISP's net.
You probably should. There's more places to 'sniff' information than just from the network. An example is the Streams-based tty snooper. It pushes a Streams module between the tty and the shell. No encryption program can protect that, as it has to be in the clear unless you can do RC4 in your head. :-) The program I'm thinking of (sorry I forgot the name) lets the operator both read and write to any tty session on the machine. -- Eric Murray ericm@lne.com ericm@motorcycle.com http://www.lne.com/ericm If you don't see the fnords, they won't eat your packets. If you do see the fnords, they will eat your packets, so you won't see them. PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E 27 29 AF