On Fri, 01 Apr 2005, martin f krafft wrote: > also sprach Chris Adams <[EMAIL PROTECTED]> [2005.04.01.2143 +0200]: > > you somewhat from casual attacks against weak passwords: if > > I obtain a copy of a user's password a public-key-only policy > > means that I still need some sort of privileged access to their > > home directory to exploit it - far from impossible but > > significantly more work for the kiddies. > > ... and you need a passphrase to decode the key -- or at least you > *should* need one.
Better not count on it when dealing with users. OTOH, if we are talking about remote access to servers where only the sysadmin crew can log into and supposedly know better than to use anything less than a passphrase to secure the key, then yes, you are correct. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
