Todd Lyons <[EMAIL PROTECTED]> writes: > et wrote on Fri, Oct 04, 2002 at 07:12:41PM -0400 : >> > If everything is configured correctly, the clients will connect to >> > the server without asking for a password, run the requested >> > command/application and disconnect when the command/application is >> > done. >> ahh soo... very good. > > But insecure. Now by only cracking into one box a cracker can get > complete control of TWO machines instead of just one. It's up to you > which poison you pick.
That's absolutely correct. I guess the choices are, as usual, between better security and better usability...he didn't want passwords involved, that's why I mentioned that way. You can, of course, create your keys with nice long pass-phrases and use key management software, like ssh-agent or the gnome version of it. I prefer the key management approach for boxes at work and the password-less way for boxes at home...my workstation is the most important box in my home LAN...if somebody breaks into it, anything else they do is nothing compared to what they've already accomplished. Vox -- Pain is the gift of the gods, and I'm the one they chose as their messenger.... For info on safety in the BDSM lifestyle http://www.the-vox.com Think of the Linux community as a niche economy isolated by its beliefs. Kind of like the Amish, except that our religion requires us to use _higher_ technology than everyone else. -- Donald B. Marti Jr.
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
