On 28/06/2006, at 10:53 PM, Tim Churches wrote:
> I am amazed at how many people who should know better configure RSA or DSA authentication without the essential protection of encrypted private keys, just so they can avoid having to type any passwords.
I advocate using a strong passphrase to encrypt your private key. Something you have *and* something you know is an order of magnitude more secure than only either.
I also allow users to have an unencrypted private key if they choose to, and would argue that this is still much more secure than simple password authentication.
Peter.
