[ILUG] SSH dictionary attacks.
paul at clubi.ie
paul at clubi.ie
Wed Aug 23 15:59:56 IST 2006
On Wed, 23 Aug 2006, Ewan Oughton wrote:
> ssh keys can be setup that you need a password in order to use the key:
However the ssh server has:
- no control over whether the remote user does or does not protect
their key with a pass phrase
- no insight even into the same
You are 'outsourcing' your pass-phrase policy to your users and their
remote machines if you allow SSH keys.
If you must retain control over whether or not your users must use a
pass-phrase, and be able to apply policy to their quality, for remote
access you really need to disable SSH key access.
regards,
--
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
Fortune:
Calculon: I'm programmed to be very busy.
More information about the ILUG
mailing list