>>> Andy Pieters <[email protected]> schrieb am 14.06.2021 um 10:09 in Nachricht <cab2l6a_rbchd93xwdjtfqzunagddjq9zv++d_oisnurljb5...@mail.gmail.com>: > On Mon, 14 Jun 2021 at 09:05, Ulrich Windl < > [email protected]> wrote: > >> >> The better solution would have been to pick a stronger password IMHO. >> >> >> Or rather turn off password authentication. If you must have automation, > use RSA keys, if not, and really want to keep passwords, add a 2FA to it, > like yubikey.
Considering a more than 10 year old recommendation that a password should have at least 96 bits of entropy, I wonder which robot was able to brute-force attack such over SSH. What passwords and RSA keys have in common: They are worthless once leaked. Regards, Ulrich _______________________________________________ systemd-devel mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/systemd-devel
