Re: Darn skiddies (ssh login attempts)

To: debian-security@lists.debian.org
Subject: Re: Darn skiddies (ssh login attempts)
From: Michael Stone <mstone@debian.org>
Date: Fri, 01 Apr 2005 11:39:19 -0500
Message-id: <[🔎] 20050401163919.GD11577@mathom.us>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 20050401151129.GA5169@khazad-dum.debian.net>
References: <200503312244.53499.bmsims1@insightbb.com> <[🔎] 20050401074008.GB12840@sandbender> <[🔎] 6b9f80f9ed993c425821b4c7f0440b07@salk.edu> <[🔎] 20050401142350.GB11577@mathom.us> <[🔎] 20050401151129.GA5169@khazad-dum.debian.net>

On Fri, Apr 01, 2005 at 12:11:29PM -0300, Henrique de Moraes Holschuh wrote:

Nowadays user passwords often end up being stolen, not broken (trojans,
etc). Keys offer no degraded security in that scenario.


Wrong. It's much harder to force people to change keys than passwords.
It's not impossible, but the tools aren't as common and there's this
really unfortunate tendancy to think that keys are a magic bullet which
keeps people from using what tools do exist.

Mike Stone

Reply to:

References:
- Re: Darn skiddies (ssh login attempts)
  - From: Robert Lemmen <robertle@semistable.com>
- Re: Darn skiddies (ssh login attempts)
  - From: Chris Adams <cadams@salk.edu>
- Re: Darn skiddies (ssh login attempts)
  - From: Michael Stone <mstone@debian.org>
- Re: Darn skiddies (ssh login attempts)
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Cordula Sonnhalter ist nicht verfügbar : [SECURITY] [DSA 697-1] New netkit-telnet packages fix arbitrary code execution
Next by Date: Re: Darn skiddies (ssh login attempts)
Previous by thread: Re: Darn skiddies (ssh login attempts)
Next by thread: Re: Darn skiddies (ssh login attempts)
Index(es):
- Date
- Thread