SSH Security
Matthew Miller
mattdm at mattdm.org
Wed Dec 7 15:09:13 UTC 2005
On Wed, Dec 07, 2005 at 09:53:56AM -0500, Scot L. Harris wrote:
> > I am not saying not to use key based authentication, but it is not a
> > cure all.
> You are correct, there are no magic bullet solutions. Typically you
> would still use a password/passphrase to use your private key. Of
> course the same rules apply as to any password, use a good non-trivial
> one that can not be guessed.
And even more so than normal, since anyone with a copy of the key can
attempt to brute-force the passphrase at their leisure.
--
Matthew Miller mattdm at mattdm.org <http://mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
More information about the users
mailing list