[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Q: RSA Authentication vs. Password Authentication in SSH

Hi list,

first some stats: Ten weeks without internet access (actually without a
phone line) directly translate into 11000+ messages on Debian User --
Argh!  Once again, thanks to my telco "Deutsche Telekom" for their great
service.  Not.

Anyway, guess I had a lot of time for reading and catching up on system
administration.  Here are my first questions:

What's the advantage of RSA Authentication vs. Password Authentication
except that under the first one the sshd server does not trust the
client unless he has authorized himself with a key listed in authorized
keys.  This is desireable if the the client resides on the internet and
can't be trusted, but on my local network that's not an issue.

However, if I disable the fallback to Password Authentication I can only
log in from clients, that I have previously generated a key for and
added to my authorized_keys database -- not practical, if I want to be
able to log into my system from anywhere in the world.  So disabling
fallback is not an option, rendering the RSA Authentication useless.

The key from an untrusted client needs of course to be protected with a
passphrase, otherwise it may be easily compromised by the client's root
and allow connections to my system without providing a password -- big
security hole.

But what about keys from clients from my trusted local network.  In
order to get them one has to get access to the local machine first, and
then they are useless, because the intruder has already access to my
machine.  Unless of course, a user key has no passphrase and is listed
in root's authorized_keys file.  Then an intruder of my user account has
instant root access on my machine -- but how likely is this?  Having no
passphrase on user keys of the local network makes managing it very
convenient.

Okay, anybody with more understanding of ssh help me out?  BTW, I'm
still running ssh 1.2.26 protocol version 1.5 that comes with slink, but
the issues should be the same with protocol version 2.0.

TIA,
Viktor
-- 
Viktor Rosenfeld
E-Mail:		mailto:rosenfel@informatik.hu-berlin.de
HertzSCHLAG:	http://www.informatik.hu-berlin.de/~rosenfel/hs/
Reply to: