[ILUG] sshd
Conor Daly
conor.daly_ilug at cod.homelinux.org
Thu Nov 23 20:55:07 GMT 2006
On Thu, Nov 23, 2006 at 05:12:02PM +0000 or so it is rumoured hereabouts,
paul at clubi.ie thought:
> On Thu, 23 Nov 2006, Ewan Oughton wrote:
>
> >SSH keys on their own are not the magic bullet, but surely passworded-keys
> >are more secure than a password on it's own? Something you have, something
> >you know?
>
> Sure. But who has the key?
>
> Also, you're looking at it from POV of a clueful user, not of an
> admin with lusers who wants to protect a specific box. How does the
> admin (try) apply password-strength policies to ssh-key passwords?
> How can the admin even enforce that users protect keys with a
> password?
#> grep -i authorizedkeysfile /etc/ssh/sshd_config
AuthorizedKeysFile /etc/ssh/authorized_keys
#> ssh-keygen -t.....
<enter strong password>
Say to user: "here's your key and password".
Will that do?
Conor
--
Conor Daly <conor.daly at cod.homelinux.org>
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCS/G/S/O d+(-) s:+ a+ C++(+) UL++++ US++ P>++ L+++>++++ E--- W++ !N
PS+ PE Y+ PGP? tv(-) b+++(+) G e+++(*) h-- r+++ z++++
------END GEEK CODE BLOCK------
http://www.geekcode.com/ http://www.ebb.org/ungeek/
More information about the ILUG
mailing list