Subj : Re: Anonymous SSH login
To   : acn
From : Al
Date : Mon Mar 22 2021 05:11 pm

  Re: Re: Anonymous SSH login
  By: acn to Alpha on Mon Mar 22 2021 11:04 am

 ac> I might add two reasons why I don't offer SSH access to my Synchronet BBS:

 ac> 1.
 ac> I would have to explore how a guest login/"new user login" etc. could be
 ac> accomplished to make it look "normal".

I just logged in as guest via ssh. I used the name guest and the password bogus.

I also logged in as new the same way and created a new account using the same bogus password.

Perhaps it would be more normal if the ssh server didn't require a password when logging in as guest or new?

That would be a good feature request for the developers. You could make that comment to Digital Man so he could give it some thought.

 ac> 2.
 ac> My target audience especially includes retrocomputing people who very 
 ac> often use "Wifi modems" - and I don't know a single Wifi modem (ESP8266 or
 ac> ESP32 based) that offers a SSH mode; they only offer Telnet connections.

I could be wrong but I think that using ssh even over an insecure wifi connection is secure end to end. We'd have to check with network savy people to be sure of that.

Is it not possible to use ssh over that link? I sometimes use ssh over my own wifi link although my wifi is secure.

 ac> So I chose to stick to Telnet access.

Telnet is OK. It's an old and well established/well behaved protocol. Just keep in mind it is insecure, use a throw away password.

 ac> (Access to the Synchronet web server indeed is HTTPS only with an Apache
 ac> reverse proxy inbetween and the fTelnet connection is also using HTTPS 
 ac> only, so this is a secure alternative here)

Yes, the web server is a good and secure option.

 Ttyl :-),
         Al

.... As easy as 3.1415926535897932384626433832795028841
--- SBBSecho 3.14-Linux
 * Origin: The Rusty MailBox - Penticton, BC Canada (21:4/106.1)

.