Re: server security :: user accounts, ssh, passphrases, etc.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 3-Apr-08, at 1:23 PM, Dave Sherohman wrote:
Unless they take the time to successfully factor the
public key,
Can you expand on that sentence? I'm not sure what you meant by it.
Other than that I wholeheartedly agree with the suggestion to use
public-private key pairs, and would suggest (as others have pointed
out) that you turn OFF the ability to log in with a password thru ssh
- - e.g. make ssh authorize with keys only.
Just in case it wasn't clear - the user names do not have to match,
even when using public keys.
Brian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Verify this email or encrypt your email for free - see gnupg.org
iD8DBQFH9R51GnOmb9xIQHQRAu+lAKCQRa4s/3FYxwCjKeRnqV4vmCzSmACfUFw6
sWRtK9J6sVaS2gAQq/zH8ew=
=zu28
-----END PGP SIGNATURE-----
Reply to: