passwordless ssh from laptop

Joel Rees joel.rees at gmail.com
Thu Dec 29 23:55:25 UTC 2016


On Thu, Dec 29, 2016 at 7:00 PM, Tony Arnold
<tony.arnold at manchester.ac.uk> wrote:
> Joel,
>
> On Thu, 2016-12-29 at 10:19 +0900, Joel Rees wrote:
>> On Tue, Dec 27, 2016 at 3:09 PM, Eero Volotinen <eero.volotinen at iki.f
>> i> wrote:
>> > google authenticator or ubikey is easy and cheap solution to
>> > implement :)
>> >
>> > Eero
>>
>> Easy and cheap are what you use to lock the junk bike you ride to the
>> store.
>>
>> Multi-factor misunderstood is way over-rated.
>
> In what way is it 'misunderstood' or 'over-rated'?

ergo,

> The consensus in the
> IT Security world is that passwords are now no longer sufficient as
> they leak

as in

> (phishing, key loggers, users sharing them etc)

People believing refusing to believe that there is no magic bullet is
a peculiar problem of willful misunderstanding.

> and so you
> need something else.

And then what do you need?

A new magic bullet?

Or understanding?

> So please justify your statement!

Did you see what I said, or do I need to say it more plainly?

There are a few cases of multi-factor being meaningful, but I don't
see them in common use. It isn't a magic bullet, especially if
administered by a third party that is trying hard to be closer than a
third party. And the technical advantage usually requires such a third
party.

Okay?

-- 
Joel Rees

I'm imagining I'm a novelist:
http://reiisi.blogspot.jp/p/novels-i-am-writing.html




More information about the ubuntu-users mailing list