On 11/01/15 23:18, Brian wrote:
On Sun 11 Jan 2015 at 22:32:39 +0000, Iain M Conochie wrote:On 10/01/15 20:31, Brian wrote:By all means advocate and use ssh keys. But at least provide some substantial reason for spurning password login for that particular situation. A blanket "don't use passwords" or "keys are better" doesn't cut it.There are 3 (current) factors in authentication: 1. What the user knows 2. What the user has 3. What the user is These increase in security as you go higher up the number. So (assuming the implementation is secure) my fingerprint (being something I am) is more secure than a password. Also, an ssh-key (being something I have) is more secure than a password.Both a password and a key is something the user is in possession of.
Think pin and bank card. Both you are in possession of. Only one you know. Perhaps this will explain: http://en.wikipedia.org/wiki/Multi-factor_authentication
A fingerprint (a key, I suppose) is no more "me" than a password. I may be being dense but I am having difficulties in following your argument and the distinctions you are trying to make.
dense is the one of last thing you are Brian.
As I see it, the ability of a computer to reduce an individual to a _unique_ blob[1] is what we are trying to achieve here. Think the hash of a password.In each case we have the _implementation_ to let us down. #1 is up to the user whereas #2 and #3 are up to the programmer. Who do you trust ;)Sorry, I do not follow this either.
[1] A length of arbitrary bytes. Cheers Iain