[Gllug] Restricting ssh public key access
John Edwards
John.Edwards at cornerstonelinux.co.uk
Fri Aug 2 09:18:31 UTC 2002
On Fri, Aug 02, 2002 at 09:07:53AM +0100, Tethys wrote:
>
> >Don't forget that if your clients boxes aren't considered "safe",
> >password auth is just as dangerous as public key access. i.e. if someone
> >can get sufficient access to swipe their private key, they can generally
> >snoop the password just as easily :/
>
> True to an extent. However, if the clients are laptops (which they
> generally are, in this case), they they're prone to theft. A stolen
> laptop with a stored private key will give access to my machines,
> whereas if they were forced to use password authentication, they
> wouldn't get anywhere.
>
> Tet
Don't you need a passphrase to use the private key ?
Or are you also worried that people will set this to something
that is easy to brute force or, even worse, leave it as blank ?
--
#------------------------------------------------------------#
| John Edwards Email: John.Edwards at uk.com |
| |
| "Security vulnerabilities are here to stay." |
| Scott Culp, Manager, Microsoft Security Response Center |
#------------------------------------------------------------#
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list