On Thu, 2005-02-10 at 10:47 -0600, Steven Critchfield wrote: > This is a good example of why ease of use is not always a good thing. > Had you actually had to learn more before you had an install, you would > have been through a text or two that mention password strengths.
Apropos ease of use: on publicly accessible servers I disable OpenSSH password access anyway, and allow login only by key. The key passphrase never travels across the net, and per ssh-add it can be stored by an agent which keeps it in memory until log off from your desktop session. I.e. you have to type it only once. Altogether, this gives much more security together with maximum ease of use. Also, just fyi, ssh account and password guessing resp. cracking seems to be hip right now, since I see attempts in my log on a daily basis. Fortunately, with passwords disabled, and as long as OpenSSH itself isn't vulnerable (buffer overflow etc.), I really don't need to be paranoid about this .... Regards, Bruno. _______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
