Hi,
I found in the putty.log file the plain text username and password when
using the password authentication. Are they logged before transmitted or
logged as they are transmitted:
Outgoing packet type 4 / 0x04 (SSH1_CMSG_USER)
00000000 00 00 00 06 64 5f 70 72 6f 64 ....d_prod
Outgoing packet type 9 / 0x09 (SSH1_CMSG_AUTH_PASSWORD)
00000000 00 00 00 06 64 5f 70 72 6f 64 ....d_prod
Teng
CONFIDENTIALITY NOTICE
This message and any included attachments
are from Cerner Corporation and are intended
only for the addressee. The information
contained in this message is confidential and
may constitute inside or non-public information
under international, federal, or state
securities laws. Unauthorized forwarding,
printing, copying, distribution, or use of such
information is strictly prohibited and may be
unlawful. If you are not the addressee, please
promptly delete this message and notify the
sender of the delivery error by e-mail or you
may call Cerner's corporate offices in Kansas
City, Missouri, U.S.A at (+1) (816)221-1024.
---------------------------------------- --
-- List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/ List Archives: http://erdelynet.com/archive/ssh-l/ To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email address at the bottom to "Edit Options". If you don't know your password, have it emailed to you. Then unsubscribe.Received on Fri Dec 13 12:31:52 2002
This archive was generated by hypermail 2.1.8 : Fri Jul 29 2005 - 17:33:42 EDT