[Gllug] Router under attack: help/advice needed
Nix
nix at esperi.org.uk
Tue Oct 20 22:20:44 UTC 2009
On 20 Oct 2009, Tethys told this:
> --------
>
> gvim writes:
>
>>- Limit logins to public key if possible
>
> Please stop spreading that nonsense. It doesn't increase security.
Er, yes it does.
> As I've said before on here, it merely trades off different risks
> against each other, reducing the likelihood of one attack and
> increasing another. Overall, it is probably less secure than
> password based logins.
Really? If the keys on your serve are all passphrased, you're not
trading off password guesses for cracked hosts: you're trading
off password guesses for cracked-hosts-and-passphrase-guesses,
which is a *somewhat* higher bar.
(Of course, if you have passphraseless keys allowed in, you are indeed
just trading off one risk for another: don't do that then.)
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list