On 05/06/07, Jeff Waugh <[EMAIL PROTECTED]> wrote:
<quote who="Zhasper">

> You could take it a step further by not allowing passwords at all, and
> relying on the SSH key you carry on your USB stick to authenticate you. Of
> course, that again makes things inconvenient for you - if you left the USB
> stick at home, you can't log in. If it gets stolen, not only can you not
> log in, but you can't even revoke your key until you get home and get your
> backup key on the spare usb stick - meanwhile, whoever stole the key has
> (potentially) free access to your machine.

For those watching at home: *ALWAYS* use passphrases on ssh keys for normal
user accounts (as opposed to command locked accounts). Then use ssh-agent to
dodge both server password and ssh key passphrase inconvenience... You will
never go back to passwords again.

What Jeff said. Definitely. The person who wrote the original paragraph
clearly wasn't thinking when they wrote something that suggested using
keys without passphrases.

Don't rely on passphrases to protect you though. If your USB key is
not just lost, but is stolen - or even worse, if you use it on a
compromised machine that takes a copy of your key for its own use[1],
there's a decent chance the attacker used something like a keylogger
to grab your passphrase as well.

On the other hand, it's one extra step: it's not sufficient just to
use the keylogger and grab your passphrase, nor is it sufficient to
steal your USB key and copy the SSH key - by using a key with a
passphrase, you make it necessary that an attacker do both. Doesn't
guarantee that it won't happen, but it makes it just a little bit
harder.
--
There is nothing more worthy of contempt than a man who quotes himself
- Zhasper, 2004
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
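Added example (not part of the original thread, and not Jeff's or Zhasper's code): the rule above, "always use passphrases on ssh keys", is easy to state and easy to violate by accident with ssh-keygen -N "". The check below tells you whether a private key on a USB stick is actually passphrase-protected by reading the key file itself rather than trusting memory. For the current OpenSSH format it base64-decodes the blob and reads the two wire-format strings after the "openssh-key-v1" magic: the cipher name and the KDF name, which are "none"/"none" for an unprotected key and something like "aes256-ctr"/"bcrypt" for a protected one. For the older PEM format it looks for the "Proc-Type: 4,ENCRYPTED" header. The sample key blobs are constructed inline for the demo (only the header fields the checker reads are filled in; they are not usable keys), and the helper and function names are my own.

```python
import base64
import struct

OPENSSH_BEGIN = "-----BEGIN OPENSSH PRIVATE KEY-----"
OPENSSH_END = "-----END OPENSSH PRIVATE KEY-----"
MAGIC = b"openssh-key-v1\x00"  # fixed prefix of the openssh-key-v1 blob


def _read_string(buf, off):
    """Read one SSH wire-format string (big-endian uint32 length, then bytes)."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    off += 4
    return buf[off:off + n], off + n


def key_protection(pem_text):
    """Return (cipher, kdf) describing how a private key file is protected.

    OpenSSH format: the names stored in the blob header ("none", "none" means
    no passphrase). Legacy PEM format: ("pem-encrypted", "pem-headers") when a
    Proc-Type ENCRYPTED header is present, otherwise ("none", "none").
    """
    lines = [line.strip() for line in pem_text.strip().splitlines()]
    if lines and lines[0] == OPENSSH_BEGIN:
        body = base64.b64decode("".join(lines[1:-1]))
        if not body.startswith(MAGIC):
            raise ValueError("not an openssh-key-v1 blob")
        off = len(MAGIC)
        cipher, off = _read_string(body, off)
        kdf, off = _read_string(body, off)
        return cipher.decode(), kdf.decode()
    # Legacy PEM (BEGIN RSA/DSA/EC PRIVATE KEY): encryption is signalled by headers.
    if any(line.startswith("Proc-Type: 4,ENCRYPTED") for line in lines):
        return "pem-encrypted", "pem-headers"
    return "none", "none"


def has_passphrase(pem_text):
    """True if the key cannot be used without a passphrase."""
    cipher, _ = key_protection(pem_text)
    return cipher != "none"


def unprotected_keys(keys):
    """Given {name: file_text}, list the names that have no passphrase."""
    return sorted(name for name, text in keys.items() if not has_passphrase(text))


# --- constructed demo inputs (not real keys) ---------------------------------
def _openssh_blob(cipher, kdf):
    """Build an openssh-key-v1 header carrying the given cipher/kdf names.

    Demo helper only: after the two names it writes an empty kdf-options
    string and a zero key count, so nothing here is a usable key.
    """
    def s(b):
        return struct.pack(">I", len(b)) + b
    body = MAGIC + s(cipher.encode()) + s(kdf.encode()) + s(b"") + struct.pack(">I", 0)
    b64 = base64.b64encode(body).decode()
    wrapped = [b64[i:i + 70] for i in range(0, len(b64), 70)]
    return "\n".join([OPENSSH_BEGIN] + wrapped + [OPENSSH_END]) + "\n"


UNPROTECTED_KEY = _openssh_blob("none", "none")          # what ssh-keygen -N "" produces
PROTECTED_KEY = _openssh_blob("aes256-ctr", "bcrypt")    # what a passphrase-protected key looks like
LEGACY_ENCRYPTED_KEY = """-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: AES-128-CBC,0123456789ABCDEF0123456789ABCDEF

AAAA
-----END RSA PRIVATE KEY-----
"""

if __name__ == "__main__":
    sample = {
        "usb/id_ed25519": UNPROTECTED_KEY,
        "usb/id_rsa": PROTECTED_KEY,
        "usb/old_id_rsa": LEGACY_ENCRYPTED_KEY,
    }
    for name, text in sample.items():
        print(name, key_protection(text))
    print("no passphrase:", unprotected_keys(sample))
```

Run it over the contents of ~/.ssh or the stick before you rely on a key; anything it lists as "none" is exactly the case Zhasper describes, where whoever picks up the stick gets free access. It does not replace ssh-agent for day-to-day use; it only confirms the passphrase is really there.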
