[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Safe to access SSH server from work?

On Fri, May 6, 2011 at 12:13, Brian <ad44@cityscape.co.uk> wrote:
>> You could run Debian Live on a USB stick (or any other live distro,
>> really).  Boot your work machine with that, and you will have a trusted
>> machine.  Use that to ssh to your home machine.
>
> I suppose this 'trusted machine' doesn't have a key logger on it?
>

Check the keyboard cable, good idea. Only a hardware keylogger would
be an attack vector once the machine is booted from removable media. A
key would help here, as it is not typed in anyway.


>> And follow the advice that others have already given you.  Specifically,
>> disallow password authentication.  That is a biggie.  Even if you have a
>> strong password, others on your home machine may not.  As already said,
>> you can use AllowUsers in sshd_config to allow only specific users to
>> have ssh access.
>
> A strong password is no less secure in brute force terms than a key so
> there is no reason to disallow it on those grounds. You can also be sure
> you have never left it at home or elsewhere.
>

A strong password can be keylogged, a key cannot.

-- 
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com
Reply to: