There are some computers at school that I am authorized to log into and stuff for class, unix machines, and they have ssh2 installed and stuff. I have been looking for a way to ssh2 from campus into my linux box at home, and this will work. However, if I ssh from the schools machine to my one at home, anyone else on the machine running a 'w' or 'who' command can see what I'm doing, aka ssh 12.2.x.x so they can see my IP address. kinda scary. Should I be worried? Is there anyone to hide the ip address in that case?
Thanks http://www.linuxnewbie.org/ubb/smile.gif

(we're not really allowed to install stuff on the schools computers, windows NT machines, so it's hard to get ssh or securecrt or something running. we do have 'lockers' though so we can store like 30meg of stuff in a folder, but we can't really 'install' programs there. stand along things, like programs with just one executable can be run from there however. aka PuTTy)

edit: GEESH! not only that but if I do ssh -l to log in as a different user they get to see the user name too! how dangerous is that??

------------------
Help me I'm Harvey!

[This message has been edited by Harvey (edited 18 October 2000).]

Why would you be worried about someone seeing your IP? It's logged too, if you forgot that.

------------------
Did I do that?

Yeah it's logged, for the sysadmin. not for 100 other users...

It's a computer in the cs department, so you know. they're all techies in there, and I know that if I saw an ip somewhere I would try to telnet, ftp, or probe it's ports or something. I just don't want people messing with my box.

And they can see my username as well. Isn't that considered 'bad security practice?'

they would know that I'm using ssh to connect, what the username is, and the ip address, all that is left is to guess the password.

not scary? maybe i'm paranoid

[This message has been edited by Harvey (edited 18 October 2000).]

I think you're a little paranoid http://www.linuxnewbie.org/ubb/smile.gif.
Unless you have enemies at school...

That's the purpose of ssh, to protect you. Plus, if others are going to try to break in your computer, that will just show that your computer security will be tested. Tighten up you computer http://www.linuxnewbie.org/ubb/smile.gif.

Alright http://www.linuxnewbie.org/ubb/smile.gif

they're watching me! They're everywhere!

I think you are giving the "techies" too much credit, they aren't that bright http://www.linuxnewbie.org/ubb/smile.gif j/k

Your IP is readily available to anyone, anywhere at any time so you're going to have to learn to live with that. User names are normally pretty obvious because nobody wants to try to remember some weird name that isn't associated with them and no admin wants to have to keep a list of user names that corresponds to users real names.

Knowing the method of connection is worthless, you still need the one key bit of info, the password. This is where you come into play. Make a really good password and change it every so often. Passwords are critical on ALL boxes adn is often the number one weak spot in any security program.

Yes, you're paranoid (or guilty of the crime) but no, it isn't scary. The scary thing is just how bad most users passwords are http://www.linuxnewbie.org/ubb/frown.gif

If you don't want "people messing with your box" then lock that critter down. THE USER IS THE WEAKEST LINK IN ANY SECURITY PLAN.

------------------
Did I do that?

your ip address is the easiest thing to get.. the beauty of ssh is that is encrypts traffic so if someone is sniffing your network, they will not see you type in your address... or anything else for that matter.. getting hacked as bad as it might seem might be the best way for someone to learn how to do it.. just sit back and watch.. it will give you a better idea of how it all works and if you can run a packet sniffer while it is going on... you will love it..

lates

diesel