On Thu, Dec 15, 2005 at 07:43:39AM -0600, Will Maier wrote: > > 4. enhance authentication > > maybe set up ssh access by authorised keys only - but again this > > has a problem when i need to log in to the server from a putty > > session on a PC in an internet cafe . > You could keep your key on a USB fob, which would allow you to > authenticate pretty much everywhere. Certainly, try to avoid > allowing both password- and key-based authentication. I'd never insert my USB-Stick with personal data into some PC in an Internet Cafe. Read-Access implies someone may copy all data to the local PC... Call me paranoid, but I learned just Monday some person I know keeps a keylogger running on his system... Immediately changed all my passwords. I would recommend using OTP (One Time Passwords), Debian contains everything needed to configure this and there are several Clients available... Stefan -- It would break down if you have sweaty fingers or blood on your hands, something which can occur easily in stressy Situations. [Prof. Jarke]
Attachment:
signature.asc
Description: Digital signature