Re: Allow password auth for one user with sftp?

To: debian-security@lists.debian.org
Subject: Re: Allow password auth for one user with sftp?
From: Michael Stone <mstone@debian.org>
Date: Mon, 22 Jan 2007 14:54:50 -0500
Message-id: <[🔎] 20070122195448.GQ11667@mathom.us>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 200701222049.17078.avbidder@fortytwo.ch>
References: <[🔎] 200701111855.38860.avbidder@fortytwo.ch> <[🔎] 200701141436.16865.avbidder@fortytwo.ch> <[🔎] 20070115193924.GA2336@rei.matrix> <[🔎] 200701222049.17078.avbidder@fortytwo.ch>

On Mon, Jan 22, 2007 at 08:49:08PM +0100, Adrian von Bidder wrote:

I trust the users who have shell access to keep their keys secure. I don'ttrust the users to have unguessable (think dictionary attacks!) passwords.I see dictionary attacks on ssh on a daily basis.


Hmm. Which of these two things are controllable on the server side?

Mike Stone

Reply to:

References:
- Allow password auth for one user with sftp?
  - From: Adrian von Bidder <avbidder@fortytwo.ch>
- Re: Allow password auth for one user with sftp?
  - From: Adrian von Bidder <avbidder@fortytwo.ch>
- Re: Allow password auth for one user with sftp?
  - From: Michel Messerschmidt <lists@michel-messerschmidt.de>
- Re: Allow password auth for one user with sftp?
  - From: Adrian von Bidder <avbidder@fortytwo.ch>

Prev by Date: Re: [SECURITY] [DSA 1249-1] New xfree86 packages fix privilege escalation
Next by Date: Re: [SECURITY] [DSA 1254-1] New bind9 packages fix denial of service
Previous by thread: Re: Allow password auth for one user with sftp?
Next by thread: Re: Allow password auth for one user with sftp?
Index(es):
- Date
- Thread