[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Continuous brute force attempt from own server !!!

On Sat 27 Jul 2013 at 12:05:05 +0300, Lars Noodén wrote:

> On 07/26/2013 11:26 PM, Brian wrote:
> > 
> > Does this 'good idea' have reasons to support it?
> 
> It is for much the same reasons that passwords are rotated.  It was
> mainly this draft that convinced me:
> 
> http://datatracker.ietf.org/doc/draft-ylonen-sshkeybcp/?include_text=1
> 
> It mentions rotating the keys in several places.

Thank you, that was an interesting read. The focus of the draft is on
organisations which utilise SSH keys extensively, so in such a situation
I can understand a recommendation for key rotation because ignoring it
may have disastrous consequences. Users with small networks and with
well managed access to them would rarely have a need to change passwords
or keys at predetermined intervals.
Reply to: