Reply to post: Re: Local access and you get ever so much!

The NetCAT is out of the bag: Intel chipset exploited to sniff SSH passwords as they're typed over the network

Crypto Monad

Re: Local access and you get ever so much!

> If they could monitor the server's traffic they could see the pauses directly.

Which is a much bigger hole than this one. Even someone *listening* to your typing can attack this way.

Solution: use a password manager for all your passwords. Then you paste them in one big splurge, with no gaps. This is an easy and comprehensive solution, and of course lets you use strong random passwords too.

Using RSA/EC private key authentication for ssh helps too - but you're still going to end up typing some passwords over ssh sessions (e.g. sudo password)

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019