Re: Securing SSH: Does disabling password authentication work?

To: debian-user@lists.debian.org
Subject: Re: Securing SSH: Does disabling password authentication work?
From: Jon Dowland <lists@alcopop.org>
Date: Tue, 4 Oct 2005 11:23:41 +0100
Message-id: <[🔎] 20051004102341.GA1500@alcopop.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20051003163045.GD17122@fornost.com>
References: <[🔎] 20051003151458.GC17122@fornost.com> <[🔎] 20051003155414.GI25793@alcopop.org> <[🔎] 20051003163045.GD17122@fornost.com>

On Mon, Oct 03, 2005 at 11:30:45AM -0500, Steve Block wrote:
> So does this seem like a viable way to avoid the current generation of
> SSH attacks? Of course nothing is bulletproof but am I actually more
> secure than before?

I'd argue, yes. By removing an authentication method that you are not
using, you are reducing the number of quantity of code that is being
executed and therefore reducing the quantity of vulnerabilities that may
be present.

-- 
Jon Dowland
http://jon.dowland.name/

Reply to:

References:
- Securing SSH: Does disabling password authentication work?
  - From: Steve Block <scblock@ev-15.com>
- Re: Securing SSH: Does disabling password authentication work?
  - From: Jon Dowland <lists@alcopop.org>
- Re: Securing SSH: Does disabling password authentication work?
  - From: Steve Block <scblock@ev-15.com>

Prev by Date: Make up Emacs and XKB
Next by Date: Re: Firefox middle click broken on stable?
Previous by thread: Re: Securing SSH: Does disabling password authentication work?
Next by thread: Re: Securing SSH: Does disabling password authentication work?
Index(es):
- Date
- Thread