[ILUG] sshd
paul at clubi.ie
paul at clubi.ie
Thu Nov 23 17:12:02 GMT 2006
On Thu, 23 Nov 2006, Ewan Oughton wrote:
> SSH keys on their own are not the magic bullet, but surely passworded-keys
> are more secure than a password on it's own? Something you have, something
> you know?
Sure. But who has the key?
Also, you're looking at it from POV of a clueful user, not of an
admin with lusers who wants to protect a specific box. How does the
admin (try) apply password-strength policies to ssh-key passwords?
How can the admin even enforce that users protect keys with a
password?
regards,
--
Paul Jakma paul at clubi.ie paul at jakma.org Key ID: 64A2FF6A
Fortune:
Endless Loop, n.:
see Loop, Endless.
Loop, Endless, n.:
see Endless Loop.
-- Random Shack Data Processing Dictionary
More information about the ILUG
mailing list