User: Password:
Subscribe / Log in / New account

when you cannot force, encourage

when you cannot force, encourage

Posted Jan 14, 2010 9:29 UTC (Thu) by dgm (subscriber, #49227)
Parent article: SSH: passwords or keys?

> So, it would seem that disallowing password authentication for ssh and requiring users to password protect their private keys would go a long way towards eliminating compromises via ssh. There aren't any technological means to force passwords on private keys, but an administrator must either trust their users or disable their access.

When one cannot force the desired behavior, the next best thing is to make it so easy that only the most stubborn will do otherwise deliberately. What's needed is a tool that does just that.

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds