Patrick O'Callaghan wrote:
On Thu, 2008-05-15 at 14:41 -0700, Wolfgang S. Rupprecht wrote:"jeff emminger" <jemminger@xxxxxxxxx> writes:isn't password authentication insecure? why not set "PasswordAuthentication no" and use ssh keys, and maybe port-knocking tooMy feeling exactly. You have no control over how stupid a password users will pick. The only control you have is to not allow passwords in the first place and insist on at least a 1k-bit (hopefully random) key.Then you just have to hope the users' machines aren't vulnerable ... poc
Or at least they use a pass-phrase protected key, and a good phrase. Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
