On 5/6/11, Tom Furie <t...@furie.org.uk> wrote: >> So the attacker needs to guess my private key instead of my password. >> How does that make his life more difficult, assuming my password was >> very strong? > > No, the attacker needs to HAVE your private key and KNOW the pass phrase > for that key. Assuming you keep your key secure and have a decent pass > phrase his life should be very difficult indeed.
He still needs to guess a string, just like he does when password authentication is used. What am I missing? Probably a lot, but I'm not very experienced in security matters. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/BANLkTimC0J4ZMR8LZpEDwNDSa5f=+-n...@mail.gmail.com
