| |||||||||||||
SSH: passwords or keys?SSH: passwords or keys?Posted Jan 14, 2010 8:21 UTC (Thu) by dd9jn (subscriber, #4459)In reply to: SSH: passwords or keys? by ohrn Parent article: SSH: passwords or keys?
That is one of the reasons why you should use a smartcard based key - at least for the root account. You can't brute force that (as long as you use a non obvious PIN).
Now you may only mount an active attack by taking over an already authenticated connection using a modified ssh client. However, it is mood to speculate over such scenarios because there is no way you can protect yourself from a taken over machine.
(Log in to post comments)
SSH: passwords or keys? Posted Jan 14, 2010 10:30 UTC (Thu) by Trou.fr (subscriber, #26289) [Link]
except that OpenSSH has a bug open since _years_ to enable "ask for PIN" functionnalilty, without it it's useless...
SSH: passwords or keys? Posted Jan 14, 2010 15:28 UTC (Thu) by dd9jn (subscriber, #4459) [Link]
Well, I never used that.
GnuPG implements the gpg-agent protocol since 2005 and ever since allows the use of smartcards - including PIN entry. It even utilizes the PINpad on some readers.
|
|||||||||||||