[Klug-general] Kent Digest, Vol 220, Issue 12

[Peter Childs]

2009/5/10 Ritchie Fraser <ritchie at rpfraser.uklinux.net>:
> On Sunday 10 May 2009 13:00:02 kent-request at mailman.lug.org.uk wrote:
>>
>> Message: 6
>> Date: Sun, 10 May 2009 12:02:00 +0100
>> From: Peter Apps <peter at sheppey.free-online.co.uk>
>> Subject: Re: [Klug-general] Problem getting ssh to use
>>       PublicKeyAuthentication :-(
>> To: Kent Linux User Group - General Topics <kent at mailman.lug.org.uk>
>> Message-ID: <1241953320.4018.9.camel at Gama-L>
>> Content-Type: text/plain
>>
>> Just out of curiosity. What's the advantage of going 'password less'?
>>
>> I use ssh, sshfs and fish (in Konqueror). Once through the password,
>> fish in particular gives pretty free access to the remote computer. I
>> find a password a comforting security check so I've never considered
>> bypassing it.
>>
>> Regards, Peter.
>>
> Hi Peter,
>
> The short and the long of the answer is that I believe that it is more secure.
> Especially as I want to open a port on my router so that I can access my home
> machine (desktop/server) from my laptop whilst I'm at home and when away.
>

Password Less under ssh anyway usually means keys, which are put
simply password so long that you will never remember them anyway, so
you have to carry them around on disk. Some people have pass phases as
well, locking these keys.

Pass phrases only really differ from passwords in that they are
usually longer, (But do not need to be) and are not sent they just
allow the key so it can be used, So they are more secure as they are
never transmitted over the network.

In these Schemes your key may not be stored on the server, but a
public key which is used to check its correct.

Its a long and complex subject. My only aim currently is to stop the
people who have one letter passwords in my office, and forget to
logout when they leave the desk.

Regards

Peter.