Re: OT: Safe to access SSH server from work?

To: debian-user@lists.debian.org
Subject: Re: OT: Safe to access SSH server from work?
From: Brian <ad44@cityscape.co.uk>
Date: Fri, 6 May 2011 13:08:52 +0100
Message-id: <[🔎] 20110506120852.GL13057@desktop>
In-reply-to: <[🔎] BANLkTikoL+rPheqECU3136r8k=NwiJxeGw@mail.gmail.com>
References: <[🔎] BANLkTinFavrwh5NcWFcdJCE8+M-ja5=UXw@mail.gmail.com> <[🔎] 20110505214313.GK12860@wasteland.homelinux.net> <[🔎] BANLkTi=qGuM0ibNXhnaSwwZFdu7D1pzR0Q@mail.gmail.com> <[🔎] 20110506075429.GL12860@wasteland.homelinux.net> <[🔎] BANLkTikDTKmvC2hHN3LfLfs07o_xJiBN9w@mail.gmail.com> <[🔎] 20110506090219.GA8690@furie.org.uk> <[🔎] BANLkTimC0J4ZMR8LZpEDwNDSa5f=+-Nv4A@mail.gmail.com> <[🔎] BANLkTikoL+rPheqECU3136r8k=NwiJxeGw@mail.gmail.com>

On Fri 06 May 2011 at 13:48:23 +0300, Dotan Cohen wrote:

> However, keys are good to prevent brute-force attacks. Think of it
> like a 256-character password using the entire ASCII field. Also, keys
> are not susceptible to keyloggers.

I'm unsure whether you mean 'prevent' because neither keys nor passwords
can stop brute forcing attempts. If you mean a key (256 characters) is
stronger than a password (20 characters) I'd agree. But the key is no
more secure than the password. Not unless the attacker has considerably
more than the allotted three score years and ten to look forward to.
George may be past caring by then, though.

Keyloggers would get the key passphrase too. And the USB stick would
have its contents pilfered. So, keys don't appear to give any advantage
over passwords on an untrusted machine.

Reply to:

Follow-Ups:
- Re: OT: Safe to access SSH server from work?
  - From: Dotan Cohen <dotancohen@gmail.com>
- Re: OT: Safe to access SSH server from work?
  - From: CACook@quantum-sci.com
- Re: OT: Safe to access SSH server from work?
  - From: Wolfgang Karall <lists+debian-users@karall-edv.at>

References:
- OT: Safe to access SSH server from work?
  - From: George <pinkisntwell@gmail.com>
- Re: OT: Safe to access SSH server from work?
  - From: Jochen Schulz <ml@well-adjusted.de>
- Re: OT: Safe to access SSH server from work?
  - From: George <pinkisntwell@gmail.com>
- Re: OT: Safe to access SSH server from work?
  - From: Jochen Schulz <ml@well-adjusted.de>
- Re: OT: Safe to access SSH server from work?
  - From: George <pinkisntwell@gmail.com>
- Re: OT: Safe to access SSH server from work?
  - From: Tom Furie <tom@furie.org.uk>
- Re: OT: Safe to access SSH server from work?
  - From: George <pinkisntwell@gmail.com>
- Re: OT: Safe to access SSH server from work?
  - From: Dotan Cohen <dotancohen@gmail.com>

Prev by Date: Re: OT: Safe to access SSH server from work?
Next by Date: Re: Need /etc/apt/sources.list
Previous by thread: Re: OT: Safe to access SSH server from work?
Next by thread: Re: OT: Safe to access SSH server from work?
Index(es):
- Date
- Thread