- Hey guys,
So I've set up an SSH connection between my Blackberry Curve 8520 and my MacBook, but I'm worried it's not secure. I want to generate a key and set up RSA security and all of that, but honestly I just don't know much about such things. Has anyone played with BBSSH enough to give me a tutorial?
As always, your help is greatly appreciated.04-30-10 05:26 PMLike 0 - Sorry no help about BBSSH but just so you know, ssh uses SSL encryption. The only thing a key does it remove the password entry. Unless you disable password log in on your MacBooks ssh server, there's no real need for the key.
Posted from my CrackBerry at wapforums.crackberry.com04-30-10 06:18 PMLike 0 - BBSSH author/maintainer here
The biggest reason to use a key is to ensure that nobody except you can log into your computer. If you use username/password based, it's theoretically possible for somebody to keep trying to guess at username/password combinations to log into your machine remotely. If you use a key, you can disable that method of login.
However, jeff.parent is otherwise correct - the data being transferred back and forth is secure with our without a key.
That being said:
BBSSH currently supports importing a key from an HTTP location -- expanded support will include many more options in 1.1.9 or 1.1.10, including generating a key on BBSSH itself. The key is expected to be in the format generated by the app "ssh-keygen", which you will most likely find installed on your MacBook already.05-06-10 11:45 AMLike 0 -
- Sorry no help about BBSSH but just so you know, ssh uses SSL encryption. The only thing a key does it remove the password entry. Unless you disable password log in on your MacBooks ssh server, there's no real need for the key.
Posted from my CrackBerry at wapforums.crackberry.com05-06-10 12:02 PMLike 0 - That's hard to do, but if they do, then they can log on to your system if you use keyed authentication instead of password authentication.
It's so rare, that everybody considers keyed authentication the way to go in a secure setup. After all, it's a lot harder to steal 1024 or 2048 or whatever amount of bits than it is to do a dictionary attack on a short password. Cracking a reasonable key is zillions and zillions and zillions times harder than attacking a password.Last edited by F0nage; 05-09-10 at 07:09 AM.
05-06-10 12:03 PMLike 0 -
- BaconCanadian - - As far as someone taking the key: you can password protect the key itself (and probably should); but generally the only way for them to get the key is to copy the file from where you're keeping it (usually your PC).
jeff.parent -- re: SSH/SSL - F0nage was just clarifying that they're two separate technologies While they're similar in that they both deal with a method of encrypting data over the Internet (or any network) they're actually two different things.
Here's a good link that explains the difference at a high level:
netforbeginners.about.com/od/technoglossary/f/whatis_SSL.htm05-08-10 11:13 PMLike 0
- Forum
- Popular at CrackBerry
- General BlackBerry News, Discussion & Rumors
BBSSH Security Help
LINK TO POST COPIED TO CLIPBOARD