passwordless ssh from laptop
Chris Green
cl at isbd.net
Mon Dec 26 14:20:04 UTC 2016
On Mon, Dec 26, 2016 at 01:36:45PM +0100, Volker Wysk wrote:
> Am Montag, 26. Dezember 2016, 10:23:20 CET schrieb Chris Green:
> > IMHO there are situations where it is decidedly *less* secure to use
> > public key authentication. I access my home machine from two or three
> > laptops using ssh. If I use public key authentication from those
> > laptops then if I lose the laptop the keys are vulnerable to an
> > attacker. If I use password authentication then someone who has my
> > laptop has no more information than they would have if trying to break
> > into my systems from anywhere else.
>
> That's why you should encrpyt the hard disk of a laptop. There is a lot of
> information on it, which a thief might find "interesting".
>
Not on mine. There are no valuable keys or anytthing like that. I
work on the basis that my laptops *are* vulnerable to theft so I make
sure as far as possible that there's no useful data on them.
Even if the filesystem is encrypted one is still vulnerable to someone
stealing it when up and running, not that unlikely. I (like many
other people I suspect) leave my laptop turned on for quite
considerable periods.
--
Chris Green
More information about the ubuntu-users
mailing list