On Feb 2, 2010, at 8:06 PM, Charles Curley wrote: > > Setting up public key auth is as simple as getting the users' public > keys onto the servers so they can log in, and verifying the correct > permissions. One public key per user you expect them to use. > > Using passwords means the passwords are sent over the net using weak or > no encryption. Public keys themselves are not sent over the net. > Instead, one-off tokens are sent. > > Also, once you have the public keys set up, the user can > ssh/scp/etc. onto the server without ever giving a password, which is > convenient. This allows automation, such as scripted backup at midnight. > > Also, many programs now operate on top of ssh, and public key auth > means they don't require the user to enter a password. rsync, amanda, > etc. > > I use public key auth on my home network out of laziness more than out > of security concerns.
I agree with Charles. Setting up shared keys only takes a moment, and opens up the possibilities of what you can do - especially with regards to automation of stuff like backups using rsync. -- Kimball /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
