LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Linux support for ARM big.LITTLE

LWN.net Weekly Edition for February 9, 2012

XBMC 11 "Eden"

LWN.net Weekly Edition for February 2, 2012

A tempest in a toybox

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

An update on the Fedora August 2008 intrusion

An update on the Fedora August 2008 intrusion

Posted Mar 30, 2009 19:28 UTC (Mon) by drag (subscriber, #31333)
In reply to: An update on the Fedora August 2008 intrusion by melevittfl
Parent article: An update on the Fedora August 2008 intrusion

> I know this is probably a silly question, but would there be any way to modify SSH to enforce using passwords on the public keys rather than rely on people following a policy document?

Nope.

> I can't imagine any way to do this with 100% effectiveness because you'd have to trust the client side to tell you the truth and a determined policy violator could simply build a custom ssh client that would lie to the server.

Ya. Your right.

This is much much better for large orginizations to disable public key authorization support and use Kerberos instead.

(Log in to post comments)

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds