On 6/5/07, Zhasper <[EMAIL PROTECTED]> wrote:
You've already got this quite locked down. You could take it a step further by not allowing passwords at all, and relying on the SSH key you carry on your USB stick to authenticate you. Of course, that again makes things inconvenient for you - if you left the USB stick at home, you can't log in. If it gets stolen, not only can you not log in, but you can't even revoke your key until you get home and get your backup key on the spare usb stick - meanwhile, whoever stole the key has (potentially) free access to your machine..
yep, i'd second this. i don't allow access without a trusted key to any machine unless i'm forced to. just make sure you keep your private keys password protected whenever possible and look at something like keychain to make that easier to manage. cheers, justin -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
