Not logged in
Log in now
Create an account
Subscribe to LWN
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
Assuming the attacker cannot sniff which ports you're using (i.e. they
have to attack blindly), using a sequence of ports could be considered
also a password of a kind, with an *64K* alphabet.
Nitpicking (Preventing brute force ssh attacks)
Posted Oct 28, 2007 20:58 UTC (Sun) by njs (guest, #40338)
Yes. I'm not sure what your point is, though -- I already agreed that adding port knocking is
like making your password longer, and there's nothing magical about a 64K alphabet. It just
means that a single knock gives you about 16 bits of entropy, as compared to 6 bits from a
random ascii character, so 1 knock gives a bit less than 3 (good) password characters. Or...
you can just use a 4096-bit key and be done with it.
Posted Oct 28, 2007 21:02 UTC (Sun) by njs (guest, #40338)
Oh, right, and should have also pointed out -- passwords/keys remain safe even if the attacker
is allowed to sniff all they want, no extra work is required to be secure in that case.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds