On Tuesday 15 July 2008 02:11:52 Bernhard R. Link wrote: > * Nico Golde <[EMAIL PROTECTED]> [080715 10:10]: > > > Ok, key have error, but it is probably one letter, or some whitespaces. > > > Ok, it is public key, but sshd shouldn't log it anyway. > > > > The public key is no sensitive data, I see no problem doing > > this. > > I want to contradict here. The public key contains all the information > needed to login, just garbled enough to make it extremly hard to use > this information. So it is a somewhat similar equivalence class like > the hashed password in /etc/shadow: If it is possible to keep it > secret, do so.
/etc/shadow contains (salted) hashes of plaintext passwords. This means that access to /etc/shadow allows an off-line dictionary attack, taking advantage of the limited keyspace of plaintext passwords. In contrast, recovering a private key from a public key requires a search of the much larger space of possible private keys. --Mark Voorhies [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
