nate wrote:
hi. as I upgrade much of my systems to debian woody, I am trying to get SSH1 and SSH2 to peacefully co-exist. However I've hit a snag and was hoping someone knew how to fix this. on my more sensitive systems I do not permit password logins(RSA key only). This of course is set via the PasswordAuthentication no directive in sshd_config.
This is slightly off-topic, but why are RSA keys considered more secure? How does it protect you from a user like me who uses RSA keys cause he is too lazy to type in his password[and also likes to have scripts using ssh in cron] and has minimal security on his desktop[no gaping holes, no unnecessary services running, but at the same time no firewall and not the greatest passwords] where essentially any compromise of my computer would give an attacker immediate access to my accounts on the other computers where I have accounts? Prohibiting passwords would almost seem to encourage this type of behavior...