Ubuntu server remote file access
Christofer C. Bell
christofer.c.bell at gmail.com
Sun Sep 29 02:56:44 UTC 2013
On Sat, Sep 28, 2013 at 1:17 PM, Kent Borg <kentborg at borg.org> wrote:
> On 09/27/2013 03:04 PM, Hal Burgiss wrote:
>
> On Fri, Sep 27, 2013 at 11:28 AM, Kent Borg <kentborg at borg.org> wrote:
>
>> On 09/27/2013 11:07 AM, Colin Law wrote:
>>
>>> I thought that if you used keys for authentication and have disabled
>>> password access (as the OP has done), then ssh is effectively unbreakable.
>>>
>>
>> Yes, but now you have shifted the risk to a new location: your private
>> ssh key.
>>
>
> The only way to avoid all risk is to unplug.
>
>
> Oh, that settles the question.
>
Yes, it does.
> Generic advice. You are leaving out two much more important items:
>
>
> 1. Pick good passwords, passwords that have components determined by
> something actually random, not just passwords that seem obscrue to you.
>
> 2. Keep your passwords secret--which means don't reuse them across
> sites. This is the killer that most people will not do, they would rather
> worry about firewalls.
>
Generic advice. Stop advocating for passwords over ssh keys.
--
Chris
"If you wish to make an apple pie from scratch, you must first invent the
Universe." -- Carl Sagan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20130928/77bd5af2/attachment.html>
More information about the ubuntu-users
mailing list