passwordless ssh from laptop
Colin Law
clanlaw at gmail.com
Mon Dec 26 14:50:37 UTC 2016
On 26 December 2016 at 14:13, Chris Green <cl at isbd.net> wrote:
> On Mon, Dec 26, 2016 at 11:15:01AM +0000, Colin Law wrote:
>> > How is a 'long, strong passphrase' any better than a 'long, strong
>> > password'? As a user I have to remember either one or the other, it's
>> > no easier to use a long, strong key than it is to use that same string
>> > as a password.
>>
>> Because you need both the key and the passphrase. The hackers probing
>> your server from the other side of the world will have no chance of
>> getting in (they concentrate on guessing user names and passwords) and
>> even someone who (for example) steals your laptop, and so has access
>> to the key, still has to guess the passphrase.
>>
> In that case though (stolen, or access to, laptop) the intruder has
> unlimited access and can apply brute force methods. If [s]he's
> guessing passwords remotely that's not so possible.
On the assumption you know that the laptop as been stolen then you can
revoke the key on the server, so the thief will not be able to use the
key to get into the server even if (s)he manages to break the
passphrase on the key.
Colin
More information about the ubuntu-users
mailing list