[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Q: RSA Authentication vs. Password Authentication in SSH

>>>>> "Viktor" == Viktor Rosenfeld <rosenfel@informatik.hu-berlin.de> writes:

    Viktor> passphrase.  My question is, if that (empty passphrase on
    Viktor> the local network) really is a security hole?  My
    Viktor> reasoning is, that if any machine (except for the
    Viktor> firewall) is compromised, the whole network is compromised
    Viktor> anyhow.  Having an identity with a good passphrase won't
    Viktor> make it any harder to break in that case.

It depends on how the network is configured. If, for instance, it has
been setup to allow non-Kerberos non-password based rsh sessions, then
what you say is potentially true.

However, in normal situations there should be no reason why one
computer being compromised automatically means the other computers are
compromised too.
Brian May <bam@debian.org>

Reply to: