User: Password:
|
|
Subscribe / Log in / New account

SSH: passwords or keys?

SSH: passwords or keys?

Posted Jan 14, 2010 8:21 UTC (Thu) by dd9jn (subscriber, #4459)
In reply to: SSH: passwords or keys? by ohrn
Parent article: SSH: passwords or keys?

That is one of the reasons why you should use a smartcard based key - at least for the root account. You can't brute force that (as long as you use a non obvious PIN).

Now you may only mount an active attack by taking over an already authenticated connection using a modified ssh client. However, it is mood to speculate over such scenarios because there is no way you can protect yourself from a taken over machine.


(Log in to post comments)

SSH: passwords or keys?

Posted Jan 14, 2010 10:30 UTC (Thu) by Trou.fr (subscriber, #26289) [Link]

except that OpenSSH has a bug open since _years_ to enable "ask for PIN" functionnalilty, without it it's useless...

http://bugzilla.mindrot.org/show_bug.cgi?id=608

SSH: passwords or keys?

Posted Jan 14, 2010 15:28 UTC (Thu) by dd9jn (subscriber, #4459) [Link]

Well, I never used that.

GnuPG implements the gpg-agent protocol since 2005 and ever since allows the use of smartcards - including PIN entry. It even utilizes the PINpad on some readers.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds