On 2/2/07, Tyop? <[EMAIL PROTECTED]> wrote: > > key-based login without passphrase is like eating cheese without > bred. useless (IMHO). >
Totally, if someone compromises the machine and gets root they get all your keys and without a passphrase... yeah no good. > > - - With a little bit of configuration, it's easy to figure out which > > key was used to login to an account; the audit trail can be managed > > that way. > > - - Managing which users have access to which root accounts is trivial > > this way: just add or delete their keys from .ssh/authorized_keys[2]. > > Totally agree. > Ditto. -sb > -- > Tyop? > http://altmylife.blogspot.com > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/