On Monday 13 November 2006 10:11, Frank Staals wrote: > The point is it isn't security through obscurity: as allready pointed > out, FreeBSD & sshd can withstand those brute force attacks without much > of a problem so there is no security problem, the only thing is those > brute force attacks are anoying since they cloud authd.log If those > attacks WERE a problem, or if there was a system which you could log in > without user & pass if you would find out the correct port then, but > only then, it is a bad idea ....
Given enough time, every user/password combination can be broken. Perhaps not in your lifetime, but it is still a real possibility. Given the relative ease of setting up keys and simply dispersing with user/passwords all together, I fail to see why more users do not avail themselves of this avenue of security. Then again, I don't know how San Diego came back to beat Cincinnati yesterday either. Anyway, each to his own! -- Gerard A word to the wise is often enough to start an argument.
Description: PGP signature