Re: Q: RSA Authentication vs. Password Authentication in SSH

To: debian-user@lists.debian.org
Subject: Re: Q: RSA Authentication vs. Password Authentication in SSH
From: Brian May <bam@debian.org>
Date: 21 Nov 2000 09:32:51 +1100
Message-id: <[🔎] 84u292nujw.fsf@snoopy.apana.org.au>
In-reply-to: rosenfel@informatik.hu-berlin.de's message of "20 Nov 00 16:33:38 GMT"
References: <[🔎] 3A172B05.E30AC9E8@informatik.hu-berlin.de> <[🔎] 841yw8so45.fsf@snoopy.apana.org.au> <[🔎] 3A195262.BF1787CF@informatik.hu-berlin.de>

>>>>> "Viktor" == Viktor Rosenfeld <rosenfel@informatik.hu-berlin.de> writes:

    Viktor> passphrase.  My question is, if that (empty passphrase on
    Viktor> the local network) really is a security hole?  My
    Viktor> reasoning is, that if any machine (except for the
    Viktor> firewall) is compromised, the whole network is compromised
    Viktor> anyhow.  Having an identity with a good passphrase won't
    Viktor> make it any harder to break in that case.

It depends on how the network is configured. If, for instance, it has
been setup to allow non-Kerberos non-password based rsh sessions, then
what you say is potentially true.

However, in normal situations there should be no reason why one
computer being compromised automatically means the other computers are
compromised too.
-- 
Brian May <bam@debian.org>

Reply to:

References:
- Q: RSA Authentication vs. Password Authentication in SSH
  - From: Viktor Rosenfeld <rosenfel@informatik.hu-berlin.de>
- Re: Q: RSA Authentication vs. Password Authentication in SSH
  - From: Brian May <bam@debian.org>
- Re: Q: RSA Authentication vs. Password Authentication in SSH
  - From: Viktor Rosenfeld <rosenfel@informatik.hu-berlin.de>

Prev by Date: Re: NCR53C9x (MCA) SCSI problem with scanner
Next by Date: Re: Program can't find shared libraries
Previous by thread: Re: Q: RSA Authentication vs. Password Authentication in SSH
Next by thread: @#@%! debian list software!
Index(es):
- Date
- Thread