On Fri 09 Jan 2015 at 21:19:41 -0500, Jerry Stuckle wrote:

> On 1/9/2015 8:49 PM, Joel Rees wrote:
>
> > SSH keys are useful, but you have to keep them somewhere. The real
> > danger to good passwords is the off-line attempts, and the passphrase
> > you use for your private keystore is potentially subject to off-line
> > if your password is.
>
> Yes, keys may actually be less secure than passwords.
That's an interesting line of enquiry! An administrator who enforces a login with keys knows exactly what the server will accept in terms of authentication for *all* users. What he does not know is the level of security which the user has placed on the key with the passphrase. Furthermore, he has no technical way of ensuring the passphrase is sufficiently strong or that the private key is not left lying about on various machines to be probed at someone's leisure.

Another interesting aspect is that public-key authentication support by ssh was not introduced as a response to any perceived general weakness in a login with a password. SSH, The Secure Shell: The Definitive Guide cites the single password per account as inconvenient (a new password must be communicated to everyone with access to the account) and accountability of access as reasons. Granted, the same book also says passwords can be captured on a compromised host. But if the host is compromised the administrator has quite big problems elsewhere.

By all means advocate and use ssh keys. But at least provide some substantial reason for spurning password login for that particular situation. A blanket "don't use passwords" or "keys are better" doesn't cut it.

Archive: https://lists.debian.org/10012015194257.e68f933ce...@desktop.copernicus.demon.co.uk
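The post's point is that whether a private key carries a passphrase, and how expensive that passphrase is to attack offline, is invisible to the server and can only be checked where the key file lives. As an added example (not code from this thread, from Debian or from OpenSSH), the script below reads a private key file and reports whether it is passphrase-protected, which cipher protects it and, for the current container format, the bcrypt work factor that sets the cost of an offline guess. It assumes the openssh-key-v1 container layout written by ssh-keygen and the older PEM container that signals encryption with a "Proc-Type: 4,ENCRYPTED" header; the sample keys at the bottom are constructed in code and contain no real key material.

```python
"""Report whether OpenSSH private keys are passphrase-protected (added example)."""
import base64
import struct

MAGIC = b"openssh-key-v1\x00"
V1_HEAD = "-----BEGIN OPENSSH PRIVATE KEY-----"
V1_TAIL = "-----END OPENSSH PRIVATE KEY-----"


def _read_string(buf, off):
    """Read one SSH 'string' (uint32 big-endian length + bytes) at offset off."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n


def inspect_key(pem_text):
    """Return {'format', 'encrypted', 'cipher', 'kdf', 'rounds'} for a key file's text."""
    lines = [ln.strip() for ln in pem_text.strip().splitlines()]
    if lines[0] == V1_HEAD:
        body = base64.b64decode("".join(lines[1:lines.index(V1_TAIL)]))
        if not body.startswith(MAGIC):
            raise ValueError("bad openssh-key-v1 magic")
        # Container header: ciphername, kdfname, kdfoptions. Everything the
        # server ever sees (the public key) comes after these and is unaffected.
        off = len(MAGIC)
        cipher, off = _read_string(body, off)
        kdf, off = _read_string(body, off)
        kdfopts, off = _read_string(body, off)
        rounds = None
        if kdf == b"bcrypt":
            # kdfoptions for bcrypt is itself: string salt, uint32 rounds.
            _salt, o = _read_string(kdfopts, 0)
            (rounds,) = struct.unpack(">I", kdfopts[o:o + 4])
        return {"format": "openssh-key-v1", "encrypted": cipher != b"none",
                "cipher": cipher.decode(), "kdf": kdf.decode(), "rounds": rounds}
    # Legacy PEM (RSA/DSA/EC PRIVATE KEY): protection is signalled by headers,
    # and the key derivation is OpenSSL's single-iteration MD5 EVP_BytesToKey.
    headers = dict(ln.split(": ", 1) for ln in lines[1:] if ": " in ln)
    encrypted = headers.get("Proc-Type", "").endswith("ENCRYPTED")
    dek = headers.get("DEK-Info", "")
    return {"format": "legacy-pem", "encrypted": encrypted,
            "cipher": dek.split(",")[0] if dek else "none",
            "kdf": "openssl-evp-md5" if encrypted else "none", "rounds": None}


def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def build_v1_key(cipher, kdf, salt=b"", rounds=0, private_section=b""):
    """Construct an openssh-key-v1 container for testing. The public key and
    private section are opaque filler: only the header decides the question."""
    kdfopts = _ssh_string(salt) + struct.pack(">I", rounds) if kdf == b"bcrypt" else b""
    body = (MAGIC + _ssh_string(cipher) + _ssh_string(kdf) + _ssh_string(kdfopts)
            + struct.pack(">I", 1) + _ssh_string(b"\x00" * 32)
            + _ssh_string(private_section))
    b64 = base64.b64encode(body).decode()
    wrapped = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return f"{V1_HEAD}\n{wrapped}\n{V1_TAIL}\n"


# Constructed samples (no real key material): an unencrypted key, one protected
# with the ssh-keygen defaults (aes256-ctr, bcrypt, 16 rounds), and a legacy PEM key.
UNENCRYPTED_KEY = build_v1_key(b"none", b"none")
ENCRYPTED_KEY = build_v1_key(b"aes256-ctr", b"bcrypt", salt=b"\x01" * 16,
                             rounds=16, private_section=b"\x00" * 64)
LEGACY_ENCRYPTED_KEY = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,0123456789ABCDEF0123456789ABCDEF

AAAA
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:] or []:
        with open(path) as fh:
            info = inspect_key(fh.read())
        state = "passphrase-protected" if info["encrypted"] else "UNPROTECTED"
        print(f"{path}: {state} ({info['format']}, cipher={info['cipher']}, "
              f"kdf={info['kdf']}, rounds={info['rounds']})")
```

Run it as `python3 keycheck.py ~/.ssh/id_*` on the machine holding the keys. An unencrypted key, or a legacy PEM key whose single-iteration MD5 derivation makes passphrase guessing cheap, is exactly the weakness the post describes, and nothing in sshd's configuration can detect either; the check has to happen client-side, which is why "enforce keys" by itself says little about how well the login is actually protected.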