[ILUG] SSH dictionary attacks.
Conor Daly
conor.daly_ilug at cod.homelinux.org
Thu Aug 24 23:20:51 IST 2006
On Wed, Aug 23, 2006 at 09:21:59PM +0100 or so it is rumoured hereabouts,
Aine Douglas thought:
> On 8/23/06, Stephen Shirley <diamond at skynet.ie> wrote:
> >Hum. Ok, upon re-reading it and another one of your replies, it seems
> >you are advocating using normal passwords rather than ssh keys +
> >passphrases. Isn't that trading the chances of a user screwing up
> >against those of a dictionary attack being successful though?
Why not set up the server to require both keys and passwords? You cannot
connect without the key and must have your password to login.
Conor
--
Conor Daly <conor.daly at cod.homelinux.org>
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/G/S/O d+(-) s:+ a+ C++(+) UL++++ US++ P>++ L+++>++++ E--- W++ !N
PS+ PE Y+ PGP? tv(-) b+++(+) G e+++(*) h-- r+++ z++++
------END GEEK CODE BLOCK------
http://www.geekcode.com/ http://www.ebb.org/ungeek/
More information about the ILUG
mailing list