Am Mi, den 07.12.2005 schrieb STYMA, ROBERT E (ROBERT) um 15:35: > Key based authentication is good, but there is one caveat. Straight > key based allows you to log in directly without typing a password. > If you are ssh'ing from work to home from a UNIX machine, any sys-admin > with the root password on your work machine can become you and then > ssh to your home machine as you with no password. Maybe you don't care > if your sysadmin is dinking around in your home machine and maybe you do. > Bob Styma That is exactly one of the reasons why to always secure the private key part with a safe passphrase. Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 15:43:34 up 2 days, 20:20, load average: 0.05, 0.06, 0.07
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
