Re: [gentoo-user] Resetting the root passwd

2012-01-16 Thread Pandu Poluan
On Jan 17, 2012 6:11 AM, "Mick" wrote: > > On Monday 16 Jan 2012 01:35:04 Pandu Poluan wrote: > > On Jan 16, 2012 12:58 AM, "Walter Dnes" wrote: > > > On Thu, Jan 12, 2012 at 06:30:03AM -0500, Tanstaafl wrote > > > > > > > This is nothing like changing the port for SSH - a port scanner can > > >

Re: [gentoo-user] Resetting the root passwd

2012-01-16 Thread Mick
On Monday 16 Jan 2012 01:35:04 Pandu Poluan wrote: > On Jan 16, 2012 12:58 AM, "Walter Dnes" wrote: > > On Thu, Jan 12, 2012 at 06:30:03AM -0500, Tanstaafl wrote > > > > > This is nothing like changing the port for SSH - a port scanner can > > > figure that one out in seconds... > > > > A real

Re: [gentoo-user] Resetting the root passwd

2012-01-16 Thread Walter Dnes
On Mon, Jan 16, 2012 at 08:23:33AM +0700, Pandu Poluan wrote > That depends on who are authorized to access the boxen via SSH. In my case, > only the IT Division is authorized to access them via SSH, so the "real > sysadmin" in me (g) decides it is much easier to shift the port rather than > imple

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Pandu Poluan
On Jan 16, 2012 12:58 AM, "Walter Dnes" wrote: > > On Thu, Jan 12, 2012 at 06:30:03AM -0500, Tanstaafl wrote > > > This is nothing like changing the port for SSH - a port scanner can > > figure that one out in seconds... > > A real BOFH would set up a dummy instance of sshd on the regular port, >

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Pandu Poluan
On Jan 16, 2012 3:56 AM, "Alan McKinnon" wrote: > > On Sun, 15 Jan 2012 12:54:51 -0500 > "Walter Dnes" wrote: > > > On Thu, Jan 12, 2012 at 06:30:03AM -0500, Tanstaafl wrote > > > > > This is nothing like changing the port for SSH - a port scanner can > > > figure that one out in seconds... > > >

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Alan McKinnon
On Sun, 15 Jan 2012 12:54:51 -0500 "Walter Dnes" wrote: > On Thu, Jan 12, 2012 at 06:30:03AM -0500, Tanstaafl wrote > > > This is nothing like changing the port for SSH - a port scanner can > > figure that one out in seconds... > > A real BOFH would set up a dummy instance of sshd on the reg

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Tanstaafl
On 2012-01-15 12:54 PM, Walter Dnes wrote: On Thu, Jan 12, 2012 at 06:30:03AM -0500, Tanstaafl wrote This is nothing like changing the port for SSH - a port scanner can figure that one out in seconds... A real BOFH would set up a dummy instance of sshd on the regular port, as well as a real

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Walter Dnes
On Thu, Jan 12, 2012 at 06:30:03AM -0500, Tanstaafl wrote > This is nothing like changing the port for SSH - a port scanner can > figure that one out in seconds... A real BOFH would set up a dummy instance of sshd on the regular port, as well as a real sshd instance on another port. The dumm

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Mick
On Sunday 15 Jan 2012 14:19:07 Tanstaafl wrote: > On 2012-01-15 3:50 AM, Pandu Poluan wrote: > > Well, I *always* change my sshd ports, not for added security, but > > because I'm tired of seeing failed login attempts from China. The daily > > log became *much* shorter after I moved the port somew

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Tanstaafl
On 2012-01-15 3:50 AM, Pandu Poluan wrote: Well, I *always* change my sshd ports, not for added security, but because I'm tired of seeing failed login attempts from China. The daily log became *much* shorter after I moved the port somewhere else. That is the *only* legitimate reason (I can thi

Re: [gentoo-user] Resetting the root passwd

2012-01-15 Thread Pandu Poluan
On Jan 12, 2012 8:07 PM, "Alan McKinnon" wrote: > , >8 snip > > Changing the ssh port (and even crypto keys on DVDs) is just a > brain-dead approach, we agree on that. We rightfully rip a new one to > people advocating doing this. > Well, I *always* change my sshd ports, not for added secur

Re: [gentoo-user] Resetting the root passwd

2012-01-14 Thread Mick
On Thursday 12 Jan 2012 14:06:26 Alan McKinnon wrote: > On Thu, 12 Jan 2012 08:58:02 -0500 > > Tanstaafl wrote: > > But I still disagree. Would you also classify 'changing the locks on > > your house' as security through obscurity? Because changing the > > character set in PWM is just like chang

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Frank Steinmetzger
On Thu, Jan 12, 2012 at 11:41:28AM -0500, Mike Edenfield wrote: > Actually, it's just the words "purple RAIN" with e/a/I replaced with 3/4/1; > I chose l33t-sp33k since I figured it was so over-used for password > generation that everyone would recognize it immediately :) But yes, I think > Randal

RE: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Mike Edenfield
> From: Alan McKinnon [mailto:alan.mckin...@gmail.com] > Sent: Wednesday, January 11, 2012 7:31 PM > To: gentoo-user@lists.gentoo.org > Subject: Re: [gentoo-user] Resetting the root passwd > > On Wed, 11 Jan 2012 18:09:40 -0500 > "Mike Edenfield" wrote: >

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Alan McKinnon
On Thu, 12 Jan 2012 08:58:02 -0500 Tanstaafl wrote: > > So it's just a description, not an insult. Don't read it as such > > Oh, I didn't, I did catch the 'but I still like it', sorry if my > reply made it sound like I was insulted ;) > > But I still disagree. Would you also classify 'changin

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Tanstaafl
On 2012-01-12 8:03 AM, Alan McKinnon wrote: On Thu, 12 Jan 2012 06:30:03 -0500 Tanstaafl wrote: On 2012-01-11 5:51 PM, Alan McKinnon wrote: yes, I know it's really just security by obscurity in disguise but I still like it. Actually, I disagree vehemently that it is 'security through obscu

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Alan McKinnon
On Thu, 12 Jan 2012 06:30:03 -0500 Tanstaafl wrote: > On 2012-01-11 5:51 PM, Alan McKinnon wrote: > >> 2. Change the character set used (I always do this) > > I like this one:-) > > > > yes, I know it's really just security by obscurity in disguise but I > > still like it. > > Actually, I disag

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Tanstaafl
On 2012-01-12 6:39 AM, Tanstaafl wrote: That, again, is why I like pwm... I only have to remember my 3 or 4 Master Passwords (and which category an account is in, but I have a system and that is not a problem). Oh... I have about 100 accounts in my passwordmaker settings... so I would have to

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Tanstaafl
On 2012-01-11 7:31 PM, Alan McKinnon wrote: Personally, I advocate using smart password generators like apg. The password truly is a random distribution of junk, but one that can be pronounced (a key factor in remembering it). But that is the whole point... once you get beyond 3, 4 or 10+ pas

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Tanstaafl
On 2012-01-11 6:48 PM, Dale wrote: That's why I like Lastpass. It fills them in for me so that I can have a really nice strong password but I don't have to type it in each time. Like I said, I like Lastpass too, but I simply do not like *storing* the passwords somewhere, encrypted or no...

Re: [gentoo-user] Resetting the root passwd

2012-01-12 Thread Tanstaafl
On 2012-01-11 5:51 PM, Alan McKinnon wrote: 2. Change the character set used (I always do this) I like this one:-) yes, I know it's really just security by obscurity in disguise but I still like it. Actually, I disagree vehemently that it is 'security through obscurity'... It would be next

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alan McKinnon
On Wed, 11 Jan 2012 18:09:40 -0500 "Mike Edenfield" wrote: > > I agree. Longer pass{words,phrases} only increases the difficulty > > of the problem, but not significantly so. > > After I read the aforementioned xkcd comic, my main question was how > he defined the various bits of entropy for e

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alan McKinnon
On Wed, 11 Jan 2012 17:48:50 -0600 Dale wrote: > On a security related question. Why do so many people have their > facebook accounts and other similar sites hacked? Do hackers just > guess their passwords or do they break into the websites? I have > facebook, myspace, google+ and a couple

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Dale
Alan McKinnon wrote: On Wed, 11 Jan 2012 17:08:04 -0500 Michael Mol wrote: I'm seriously unconvinced that concatenating words significantly increases the difficulty of the problem. Just as a mentalist will presume you're thinking about '7', your average demographic would probably draw from a s

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Hinnerk van Bruinehsen
On 12.01.2012 00:09, Mike Edenfield wrote: > From: Alan McKinnon [mailto:alan.mckin...@gmail.com] Sent: > Wednesday, January 11, 2012 5:48 PM > >> On Wed, 11 Jan 2012 17:08:04 -0500 Michael Mol >> wrote: >> >>> I'm seriously unconvinced that concate

RE: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Mike Edenfield
From: Alan McKinnon [mailto:alan.mckin...@gmail.com] Sent: Wednesday, January 11, 2012 5:48 PM > On Wed, 11 Jan 2012 17:08:04 -0500 > Michael Mol wrote: > > > I'm seriously unconvinced that concatenating words significantly > > increases the difficulty of the problem. Just as a mentalist will

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alan McKinnon
On Wed, 11 Jan 2012 17:05:28 -0500 Tanstaafl wrote: > On 2012-01-11 4:51 PM, Alan McKinnon wrote: > > The site doesn't say much. It has one page, no internal links > > (quite a few external ones) and a single link to an image. > > Weird... the wiki tree is gone... there are a *ton* of pages the

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alan McKinnon
On Wed, 11 Jan 2012 17:08:04 -0500 Michael Mol wrote: > I'm seriously unconvinced that concatenating words significantly > increases the difficulty of the problem. Just as a mentalist will > presume you're thinking about '7', your average demographic would > probably draw from a small pool of sou

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 5:05 PM, Tanstaafl wrote: Actually, it does, and once the site is back up I'll post here and you can go read all about it... Even weirder... The menu tree is actually still there, but it is displayed way down the page, so something definitely is broken. I've already emailed the

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Michael Mol
Alan McKinnon wrote: > On Wed, 11 Jan 2012 16:07:41 -0500 > Tanstaafl wrote: > >> On 2012-01-11 3:56 PM, Alan McKinnon wrote: >>> On Wed, 11 Jan 2012 11:04:01 -0500 >>> Tanstaafl wrote: http://passwordmaker.org/ >>> >>> I haven't read the site yet, but just on the basis of your >>> de

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 4:51 PM, Alan McKinnon wrote: The site doesn't say much. It has one page, no internal links (quite a few external ones) and a single link to an image. Weird... the wiki tree is gone... there are a *ton* of pages there, I'll have to poke the maintainers... maybe they were updatin

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tamer Higazi
I tell you the right way to do it. Make it easy as possible, not so difficult like the others in the thread! Download system rescuecd (which is a nice gentoo system with lots of beautiful tools running out of the box): http://www.sysresccd.org/Download download, burn and boot from the cd. This i

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alan McKinnon
On Wed, 11 Jan 2012 16:07:41 -0500 Tanstaafl wrote: > On 2012-01-11 3:56 PM, Alan McKinnon wrote: > > On Wed, 11 Jan 2012 11:04:01 -0500 > > Tanstaafl wrote: > >> http://passwordmaker.org/ > >> > > > > I haven't read the site yet, but just on the basis of your > > description, all I'm seeing is

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 3:56 PM, Alan McKinnon wrote: On Wed, 11 Jan 2012 11:04:01 -0500 Tanstaafl wrote: http://passwordmaker.org/ I haven't read the site yet, but just on the basis of your description, all I'm seeing is a teeny-weeny amount of entropy leading to passwords that are very easy for com

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alan McKinnon
On Wed, 11 Jan 2012 11:04:01 -0500 Tanstaafl wrote: > On 2012-01-11 9:16 AM, Alan McKinnon wrote: > > On Wed, 11 Jan 2012 07:26:07 -0500 > > Tanstaafl wrote: > >> I couldn't live without Passwordmaker (Firefox Addon), with it, I > >> can have as strong and random passwords as I want on every si

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Dale
Tanstaafl wrote: On 2012-01-11 1:47 PM, Dale wrote: Tanstaafl wrote: On 2012-01-11 11:51 AM, Dale wrote: I use Lastpass for my stuff. It is encrypted locally but available anywhere. It works pretty well. Heard good things about it, but I prefer something that doesn't store the passwords an

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alex Schuster
Tanstaafl writes: > On 2012-01-11 11:51 AM, Dale wrote: >> These things sure beat trying to remember a really strong password. My >> bank and credit card passwords are off the chart. > > Yeah, but what about those moron banks that only allow you to use > lowercase letters - and only a max of 6

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 1:47 PM, Dale wrote: Tanstaafl wrote: On 2012-01-11 11:51 AM, Dale wrote: I use Lastpass for my stuff. It is encrypted locally but available anywhere. It works pretty well. Heard good things about it, but I prefer something that doesn't store the passwords anywhere, ever...

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Dale
Tanstaafl wrote: On 2012-01-11 11:51 AM, Dale wrote: I use Lastpass for my stuff. It is encrypted locally but available anywhere. It works pretty well. Heard good things about it, but I prefer something that doesn't store the passwords anywhere, ever... I have too many places to remember all

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Michael Mol
Tanstaafl wrote: > On 2012-01-11 11:36 AM, Michael Mol wrote: >> Most of my passwords are some hash[1] of a common passcode[2] and some >> site-specific or service-specific mnemonic. I imagine this would work >> similarly, using the absolute URL in place of a mnemonic. >> >> The downside would be

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 11:51 AM, Dale wrote: I use Lastpass for my stuff. It is encrypted locally but available anywhere. It works pretty well. Heard good things about it, but I prefer something that doesn't store the passwords anywhere, ever... These things sure beat trying to remember a really str

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 11:36 AM, Michael Mol wrote: Most of my passwords are some hash[1] of a common passcode[2] and some site-specific or service-specific mnemonic. I imagine this would work similarly, using the absolute URL in place of a mnemonic. The downside would be if the server changed its URL r

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Dale
Tanstaafl wrote: On 2012-01-11 11:27 AM, Neil Bothwick wrote: On Wed, 11 Jan 2012 11:04:01 -0500, Tanstaafl wrote: I couldn't live without Passwordmaker (Firefox Addon), with it, I can have as strong and random passwords as I want on every site, it auto fills the username/password for me (if i

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Neil Bothwick
On Wed, 11 Jan 2012 11:35:57 -0500, Tanstaafl wrote: > > So it stores the data and method needed to recreate the password, same > > thing. Or does it not store the username, in which case you have to > > use the same username everywhere? > > It would be easier for you to understand how it works

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Michael Mol
Neil Bothwick wrote: > On Wed, 11 Jan 2012 11:04:01 -0500, Tanstaafl wrote: > I couldn't live without Passwordmaker (Firefox Addon), with it, I can have as strong and random passwords as I want on every site, it auto fills the usernam

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 11:27 AM, Neil Bothwick wrote: On Wed, 11 Jan 2012 11:04:01 -0500, Tanstaafl wrote: I couldn't live without Passwordmaker (Firefox Addon), with it, I can have as strong and random passwords as I want on every site, it auto fills the username/password for me (if it is a web login p

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Neil Bothwick
On Wed, 11 Jan 2012 11:04:01 -0500, Tanstaafl wrote: > >> I couldn't live without Passwordmaker (Firefox Addon), with it, I can > >> have as strong and random passwords as I want on every site, it auto > >> fills the username/password for me (if it is a web login page), but > >> doesn't store any

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 9:16 AM, Alan McKinnon wrote: On Wed, 11 Jan 2012 07:26:07 -0500 Tanstaafl wrote: I couldn't live without Passwordmaker (Firefox Addon), with it, I can have as strong and random passwords as I want on every site, it auto fills the username/password for me (if it is a web login pa

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Alan McKinnon
On Wed, 11 Jan 2012 07:26:07 -0500 Tanstaafl wrote: > On 2012-01-10 2:12 PM, Hinnerk van Bruinehsen > wrote: > > The simplest solution should be to copy the password-hash of a user > > whose password is known to you. > > Afterwards you can log in and change the password again. > > Thanks, I lik

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-11 7:35 AM, Nilesh Govindarajan wrote: While booting, pass init=/bin/bash in the kernel command line I did... otherwise, it still requires you to know the password... ;)

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Nilesh Govindarajan
On Jan 11, 2012 5:57 PM, "Tanstaafl" wrote: > > On 2012-01-10 2:12 PM, Hinnerk van Bruinehsen wrote: >> >> The simplest solution should be to copy the password-hash of a user >> whose password is known to you. >> Afterwards you can log in and change the password again. > > > Thanks, I like that be

Re: [gentoo-user] Resetting the root passwd

2012-01-11 Thread Tanstaafl
On 2012-01-10 2:12 PM, Hinnerk van Bruinehsen wrote: The simplest solution should be to copy the password-hash of a user whose password is known to you. Afterwards you can log in and change the password again. Thanks, I like that better and it worked like a charm, this way the root account is

Re: [gentoo-user] Resetting the root passwd

2012-01-10 Thread Tanstaafl
Perfect answer Alan, many thanks... On 2012-01-10 3:38 PM, Alan McKinnon wrote: On Tue, 10 Jan 2012 13:46:59 -0500 Tanstaafl wrote: Ok, I did something really dumb... I changed the root passwd for a system I manage last week, but neglected to write it down, and now what I *thought* I had ch

Re: [gentoo-user] Resetting the root passwd

2012-01-10 Thread Aljosha Papsch
On Tue, Jan 10, 2012 at 08:12:53PM +0100, Hinnerk van Bruinehsen wrote: > On 10.01.2012 19:46, Tanstaafl wrote: > > Ok, I did something really dumb... > > > > I changed the root passwd for a system I manage last week, but > > neglected to write it down, and now what I *thought* I had changed > > i

Re: [gentoo-user] Resetting the root passwd

2012-01-10 Thread Alan McKinnon
On Tue, 10 Jan 2012 13:46:59 -0500 Tanstaafl wrote: > Ok, I did something really dumb... > > I changed the root passwd for a system I manage last week, but > neglected to write it down, and now what I *thought* I had changed it > to isn't working... I know, I know, really *really* dumb, but that

Re: [gentoo-user] Resetting the root passwd

2012-01-10 Thread Hinnerk van Bruinehsen
On 10.01.2012 19:46, Tanstaafl wrote: > Ok, I did something really dumb... > > I changed the root passwd for a system I manage last week, but > neglected to write it down, and now what I *thought* I had changed > it to isn't working... I know, I know,