[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: For those who care about pam-ssh: RFC

2008/12/4 Luca Niccoli <lultimouomo@gmail.com>:
> 2008/12/3 Jens Peter Secher <jpsecher.noreply@gmail.com>:
>> Because of the security implications of changing a PAM module, I would
>> welcome some peer reviewing of the changes I have made.  The new package
>> has been uploaded to experimental, and the NEWS.Debian is as follows.
>> Also, I would like comments in general about the whether there are
>> better ways to solve the problems.
> As a user, I see a regression: I have @include (pam)-ssh-auth before
> @include common-auth in my confguration, and I use two different
> passwords for my local account and my ssh key;  this way if I know
> I'll be networking I take the bother to type the long-and-very-secure
> password to unlock my key and get acces to the computer, otherwise I
> just hit enter and I'm asked for the simpler local password

To do that you will need to change /etc/pam.d/ssh-auth to

  auth sufficient pam_ssh.so

such that the SSH passphrase is always asked, and, if it unlocks any
of the SSH keys, it will be sufficient to login.

> (I don't
> think there's really a point in a strong password if someone has
> physical access to the computer).

Hmm, if noone else has access to the computer (including remote
access) then the passphrase on the SSH keys do not need to be more
secure than the login password.  On the other hand, if there is remote
access to the computer, then a weak password will enable an evil
hacker to get into you account, copy your SSH key and brute-force
attack the key elsewhere.  So I do not really see your point.

                                                    Jens Peter Secher.
_DD6A 05B0 174E BFB2 D4D9 B52E 0EE5 978A FE63 E8A1 jpsecher gmail com_.
A. Because it breaks the logical sequence of discussion.
Q. Why is top posting bad?

Reply to: