On Fri, May 6, 2011 at 12:13, Brian <a...@cityscape.co.uk> wrote: >> You could run Debian Live on a USB stick (or any other live distro, >> really). Boot your work machine with that, and you will have a trusted >> machine. Use that to ssh to your home machine. > > I suppose this 'trusted machine' doesn't have a key logger on it? >
Check the keyboard cable, good idea. Only a hardware keylogger would be an attack vector once the machine is booted from removable media. A key would help here, as it is not typed in anyway. >> And follow the advice that others have already given you. Specifically, >> disallow password authentication. That is a biggie. Even if you have a >> strong password, others on your home machine may not. As already said, >> you can use AllowUsers in sshd_config to allow only specific users to >> have ssh access. > > A strong password is no less secure in brute force terms than a key so > there is no reason to disallow it on those grounds. You can also be sure > you have never left it at home or elsewhere. > A strong password can be keylogged, a key cannot. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/banlktikzth0omdgrz_gbuvhoevtyvmf...@mail.gmail.com