On 13/07/11 9:27 PM, Ralph Holz wrote:
Hi,
You know this is why you should use ssh-keys and disable password
authentication. First thing I do when someone gives me an ssh account.
Using keys to authenticate is what I usally do, too. But even if a user
decides not to use plain password auth, switching off password-based
access globally for all users is unfeasible in many settings.
Say you've got a multi-user machine (a cluster, even). If your typical
user is not a geek, but a scientist - telling them they need to create a
key, send it to you to add to authorized-keys etc. is going to result in
much extra work (for you) and frustration (for users).
Is there any reason why the ssh client-side can't generate the key, take
the password from the user, login and install the key, all in one operation?
iang
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
