On 3 May 2004, Martin Pool <[EMAIL PROTECTED]> wrote: > http://mah.everybody.org/docs/ssh
That reminds me: security measures that are hard to use have the effect of lowering security. There are probably a significant number of people who use password authentication because ssh-agent and co can be hard to set up. (And even ssh is much better than most public-key systems -- look at the mess of SSL.) I would venture that if ssh-add did automatically create a default daemon when it was run, it would be no worse for "technical" security but would encourage slightly more people to use keys. http://sourcefrog.net/weblog/software/security/ssl-sucks.html http://mpt.phrasewise.com/2003/11/11#a542 -- Martin
signature.asc
Description: Digital signature
__ distcc mailing list http://distcc.samba.org/ To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/distcc
