Re: Continuous brute force attempt from own server !!!
On Sat 27 Jul 2013 at 12:05:05 +0300, Lars Noodén wrote:
> On 07/26/2013 11:26 PM, Brian wrote:
> >
> > Does this 'good idea' have reasons to support it?
>
> It is for much the same reasons that passwords are rotated. It was
> mainly this draft that convinced me:
>
> http://datatracker.ietf.org/doc/draft-ylonen-sshkeybcp/?include_text=1
>
> It mentions rotating the keys in several places.
Thank you, that was an interesting read. The focus of the draft is on
organisations which utilise SSH keys extensively, so in such a situation
I can understand a recommendation for key rotation because ignoring it
may have disastrous consequences. Users with small networks and with
well managed access to them would rarely have a need to change passwords
or keys at predetermined intervals.
Reply to: