Re: Darn skiddies (ssh login attempts)
On Fri, 01 Apr 2005, martin f krafft wrote:
> also sprach Chris Adams <cadams@salk.edu> [2005.04.01.2143 +0200]:
> > you somewhat from casual attacks against weak passwords: if
> > I obtain a copy of a user's password a public-key-only policy
> > means that I still need some sort of privileged access to their
> > home directory to exploit it - far from impossible but
> > significantly more work for the kiddies.
>
> ... and you need a passphrase to decode the key -- or at least you
> *should* need one.
Better not count on it when dealing with users. OTOH, if we are talking
about remote access to servers where only the sysadmin crew can log into and
supposedly know better than to use anything less than a passphrase to secure
the key, then yes, you are correct.
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
Reply to: