passwordless ssh from laptop
Chris Green
cl at isbd.net
Mon Dec 26 10:23:20 UTC 2016
On Mon, Dec 26, 2016 at 05:26:34PM +1100, Karl Auer wrote:
[snip]
>
> DISABLED means that you will NOT be able to use your password to log
> in. Instead, you will need to add your public key to the end of
> ~/.ssh/authorized_keys.
>
> This is considerably more secure than allowing passwords.
>
It's only 'more secure' in the sense that it's more difficult to
decrypt/break a key than it is to decrypt/break a password.
IMHO there are situations where it is decidedly *less* secure to use
public key authentication. I access my home machine from two or three
laptops using ssh. If I use public key authentication from those
laptops then if I lose the laptop the keys are vulnerable to an
attacker. If I use password authentication then someone who has my
laptop has no more information than they would have if trying to break
into my systems from anywhere else.
Horses for courses.
--
Chris Green
More information about the ubuntu-users
mailing list