passwordless ssh from laptop
Chris Green
cl at isbd.net
Mon Dec 26 10:26:07 UTC 2016
On Mon, Dec 26, 2016 at 09:35:11AM +0000, Colin Law wrote:
> On 26 December 2016 at 06:26, Karl Auer <kauer at biplane.com.au> wrote:
> >
> > ssh logins without passwords should be used only for strictly limited
> > purposes, such as backups. Always use extra security, such as IP
> > address restrictions or command restrictions. Ideally, don't use
> > passwordless logins at all.
> >
> > Also, read this: http://biplane.com.au/blog/?p=426
>
> That link does not appear to agree with your contention that one
> should not allow access via keys, finishing with the comment:
> "By the way, if you think your password is safe because it is
> complicated or unusual – you are probably wrong. Use publickey only,
> and protect your keys with long, strong passphrases."
>
How is a 'long, strong passphrase' any better than a 'long, strong
password'? As a user I have to remember either one or the other, it's
no easier to use a long, strong key than it is to use that same string
as a password.
--
Chris Green
More information about the ubuntu-users
mailing list