Re: Darn skiddies (ssh login attempts)

To: debian-security@lists.debian.org
Subject: Re: Darn skiddies (ssh login attempts)
From: Philipp Schulte <pschulte@uni-duisburg.de>
Date: Fri, 1 Apr 2005 16:59:40 +0200
Message-id: <[🔎] 20050401145940.GA8623@nepomuk.ps-private.lan>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20050401142350.GB11577@mathom.us>
References: <200503312244.53499.bmsims1@insightbb.com> <[🔎] 20050401074008.GB12840@sandbender> <[🔎] 6b9f80f9ed993c425821b4c7f0440b07@salk.edu> <[🔎] 20050401142350.GB11577@mathom.us>

Michael Stone wrote: 

> On Fri, Apr 01, 2005 at 01:23:09AM -0800, Chris Adams wrote:
> >Or no passwords - if requiring public key authentication is feasible 
> >for a system you can disable password authentication entirely:
> 
> I generally consider that to be a horrible idea. Instead of centrally
> managed password policies you now have your security entrusted to the
> security of all of your user's ssh keys. IME most users aren't really
> careful about how they handle those.

Sure, maybe a user does not handle the key carefully but do you think
they are more careful with their password and don't write it down or
something like this?

Reply to:

Follow-Ups:
- Re: Darn skiddies (ssh login attempts)
  - From: Michael Stone <mstone@debian.org>

References:
- Re: Darn skiddies (ssh login attempts)
  - From: Robert Lemmen <robertle@semistable.com>
- Re: Darn skiddies (ssh login attempts)
  - From: Chris Adams <cadams@salk.edu>
- Re: Darn skiddies (ssh login attempts)
  - From: Michael Stone <mstone@debian.org>

Prev by Date: sshd: "Generating new 768..." ?
Next by Date: Re: Darn skiddies (ssh login attempts)
Previous by thread: Re: Darn skiddies (ssh login attempts)
Next by thread: Re: Darn skiddies (ssh login attempts)
Index(es):
- Date
- Thread