Hi, On 4/14/05, McKown, John <[EMAIL PROTECTED]> wrote: > password. Instead, I must use a "Passphrase". What have I gained? I did > replace my password with a passphrase, but how is that more secure? I
A "passphrase" is a password to access your private LOCAL key. The passph is used locally to access your local (on your PC) private key. A cracker with only the passph will get nowhere (as opposed to password authentication, where the password is all he needs). He has to have both the passph AND the key (which means he will have to crack your local PC to steal it) which is stored in your local computer. The authentication (server side) is done by using the private key (which is encrypted locally with a passphrase). For added security you can also have your key on a physical smart card (in that case you need a card reader on your PC). Then a cracker will need both your card and the passph. Tiago ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
