Re: ssh clarification needed

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Mike Cloaked wrote:
> 
> 
> Aaron Konstam wrote:
>>
>> Are you suggesting that decrypting the ssh keys are a feasable activity?
>> I doubt it.
>>
>>
> 
> I doubt it too - but having the keys means you can use them to login in as
> if the original owner!

Only if you can crack the pass phrase or the user was dumb enough to
create a private key without a pass phrase. (I have used them on
servers that need to connect to another server for a specific job,
but the other server is configured to run a specific command when
that key is used to connect.)

A brute force password cracker is going to have a hard time unless
someone picked a real poor pass phrase. You may have better luck if
you have information about the creater of the pass phrase. (Didn't
we have one list member that used his name as his password?) For
example, someone trying to crack my pass phrase would probably try
my full name, and the different signatures I use. (It would not
work, but it is a good place to start.)

Mikkel
-- 

  Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux