SSH: passwords or keys?
Posted Jan 17, 2010 19:43 UTC (Sun) by gmaxwell
In reply to: SSH: passwords or keys?
Parent article: SSH: passwords or keys?
Proper key strengthening makes off-line brute force attacks annoyingly difficult against all except the weakest keys.
There is pretty much no way to eliminate an off-line brute force attack: Even if you instead require passwords that attacker could capture the exchange with the server and execute a brute force attack against the session crypto.
to post comments)