SSH hacked?

Karl F. Larsen klarsen1 at
Tue Jan 13 19:38:52 UTC 2009

Knute Johnson wrote:
> Knapp wrote:
>> The lesson is that it is really easy to get passwords, even in tight 
>> systems. Be really careful!
> Isn't that really the point.  Why use passwords at all with SSH?  The 
> public key authentication is several orders of magnitude harder to crack 
> than username/password.  And it is really easy to use.
    What everyone seems to be missing is that a good 12 digit password 
is difficult to guess and difficult to use. But it is easy if the user 
has it printed on paper taped to his/her computer. This works fine and 
if your worried you can send the user a new password every month.

    Someone said it is possible to make your system blackball a user who 
tries 3 bad passwords. I missed how this is done so I would like it 



	Karl F. Larsen, AKA K5DI
	Linux User
   PGP 4208 4D6E 595F 22B9 FF1C  ECB6 4A3C 2C54 FE23 53A7

More information about the ubuntu-users mailing list