[Gllug] Router under attack: help/advice needed
damion.yates at gmail.com
Wed Oct 21 01:10:46 UTC 2009
On Tue, 20 Oct 2009, Nix wrote:
> On 20 Oct 2009, Tethys told this:
>
> > >- Limit logins to public key if possible
> >
> > Please stop spreading that nonsense. It doesn't increase security.
>
> > As I've said before on here, it merely trades off different risks
> > against each other
>
> Really? If the keys on your server are all passphrased, you're not
> trading off password guesses for cracked hosts: you're trading off
> password guesses for cracked-hosts-and-passphrase-guesses, which is a
> *somewhat* higher bar.

Are you sure passphrased keys are actually that uncrackable? I recall
reading that it's not good, although that was years ago. But brute
force is significantly faster as it's just a tight local check against
the key until you dictionary your way there.

> (Of course, if you have passphraseless keys allowed in, you are indeed
> just trading off one risk for another: don't do that then.)

And don't use ssh-agent in case someone has rootkitted you and can then
just nab your environment and share your connections, unlike passwd auth
will allow*

Damion

*Okay ControlMaster. But don't do that.
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
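
An added example, not part of the original thread: a defender's check for the two cases discussed above, keys with no passphrase and keys whose passphrase can be tested cheaply offline. It reads only the file header: legacy PEM encryption derives the cipher key with MD5 and no iteration count, while the `openssh-key-v1` format records a bcrypt KDF and its round count. The function names and sample data are constructed for illustration.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"

def _sshstr(b):
    return struct.pack(">I", len(b)) + b

def _read(buf, off):
    """Read one SSH wire string (uint32 length, then bytes)."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def classify_private_key(text):
    """Return (protection, detail) for the text of one private key file."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if len(lines) < 2 or not lines[0].startswith("-----BEGIN "):
        return ("unknown", "not a PEM-armoured private key")
    if lines[0] == "-----BEGIN OPENSSH PRIVATE KEY-----":
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(MAGIC):
            return ("unknown", "bad openssh-key-v1 magic")
        cipher, off = _read(blob, len(MAGIC))
        kdf, off = _read(blob, off)
        opts, off = _read(blob, off)
        if cipher == b"none":
            return ("none", "no passphrase")
        if kdf == b"bcrypt":
            _salt, o = _read(opts, 0)  # kdfoptions = string salt, uint32 rounds
            (rounds,) = struct.unpack_from(">I", opts, o)
            return ("stretched", "bcrypt KDF, %d rounds" % rounds)
        return ("unknown", "kdf " + kdf.decode("ascii", "replace"))
    if lines[0] == "-----BEGIN ENCRYPTED PRIVATE KEY-----":
        return ("encrypted", "PKCS#8; KDF parameters not parsed here")
    if any(l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in lines):
        return ("unstretched", "legacy PEM, MD5-derived key, no iteration count")
    return ("none", "no passphrase")

def constructed_sample(cipher, kdf, rounds=0):
    """Build a header-only openssh-key-v1 file (constructed, not a usable key)."""
    opts = _sshstr(b"\x00" * 16) + struct.pack(">I", rounds) if kdf == b"bcrypt" else b""
    blob = MAGIC + _sshstr(cipher) + _sshstr(kdf) + _sshstr(opts) + struct.pack(">I", 1)
    body = base64.b64encode(blob).decode()
    return "-----BEGIN OPENSSH PRIVATE KEY-----\n%s\n-----END OPENSSH PRIVATE KEY-----\n" % body

CONSTRUCTED_LEGACY = ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: "
                      "AES-128-CBC," + "0" * 32 + "\n\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n")
```

Pass the contents of each private key file to `classify_private_key`; results of `none` or `unstretched` mark keys worth regenerating or re-encrypting.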