SSH Security
peter kostov
fedora at light-bg.com
Wed Dec 7 19:35:20 UTC 2005
On Wed, 2005-12-07 at 11:36 -0500, Scot L. Harris wrote:
> On Wed, 2005-12-07 at 10:09, Matthew Miller wrote:
> > On Wed, Dec 07, 2005 at 09:53:56AM -0500, Scot L. Harris wrote:
> > > > I am not saying not to use key based authentication, but it is not a
> > > > cure all.
> > > You are correct, there are no magic bullet solutions. Typically you
> > > would still use a password/passphrase to use your private key. Of
> > > course the same rules apply as to any password, use a good non-trivial
> > > one that can not be guessed.
> >
> > And even more so than normal, since anyone with a copy of the key can
> > attempt to brute-force the passphrase at their leisure.
>
> Which is why you need to protect your private key....
>
And what about storing the private key on a memory card or usb memory
stick?
Peter
More information about the fedora-list
mailing list