On 11-02-22 05:11 PM, Mark McCullough wrote:
> On 2011 Feb 22, at 08:04, Yves Dorfsman wrote:
>
>> True. One pet peeve of mine is password-less ssh. For a server with protected
>> physical access, that's one thing, but for a user on a laptop without
>> encryption, please use a password. Most OSes have key management systems that
>> let you type your password once only, which renders the keys useless after a
>> reboot, and yet give you nearly the same convenience as password-less ssh.
>
> You're confusing passwords with a form of two-factor authentication
> (encrypted private keys.)

No. When I say "please use a password", I do mean to encrypt the ssh keys.

> Strong authentication, based on something you have and something you know, is
> a good thing. Passwords, as single-factor authentication, are only exceeded
> by simple PINs for how insecure they are.
>
> I've heard it argued that if we would stop telling users to not write their
> passwords down, the users would actually start treating them like credit
> cards and be more secure with them. The problem is how often I see users who
> mistreat their credit cards, giving the numbers to other humans freely to use
> "just once", etc.
>
> For a user with a laptop, the last thing they should use is a password. For
> a user with a secured physical system, the last thing they should use is a
> password.
>
> Use strong authentication, and please, remember, you only have ten fingers.
> Something you are does not constitute a factor of strong authentication. All
> factors must be capable of revocation. With SSH public keys today, there is
> no excuse not to use public keys.
>
> Yes, those public keys should be stored encrypted so that only the holder of
> the passphrase can unlock them.

That's exactly what my rant was about; I have seen too many people using keys
without a password on machines that were not physically secure.

> We require any Unix-based account with a password (except root) to have
> documentation of non-compliance and a plan to remediate.
>
> Make it easy for users to push out their new public keys. Make it easy for
> them to secure their keys properly. Once our users started using public key
> authentication, they started complaining bitterly to those SAs who tried to
> require traditional passwords.

--
Yves.
http://www.SollerS.ca/
http://blog.zioup.org/

_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
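An added example, not code from this thread or from either poster: a small Python checker that applies the point above by reading a private key file's header to tell a passphrase-protected key from a plaintext one (the cipher and KDF fields of an openssh-key-v1 blob, or the Proc-Type header of a legacy PEM key). The key files it examines are constructed synthetic structures built inline, not real key material; the function and sample names are this example's own.

```python
import base64
import struct

OPENSSH_HDR = "-----BEGIN OPENSSH PRIVATE KEY-----"
OPENSSH_FTR = "-----END OPENSSH PRIVATE KEY-----"
MAGIC = b"openssh-key-v1\x00"

def _ssh_string(buf, off):
    """Read one SSH wire-format string (uint32 big-endian length, then bytes)."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n

def key_protection(text):
    """Classify a private key file's text as 'encrypted', 'plaintext' or 'unknown'."""
    lines = [ln.strip() for ln in text.strip().splitlines()]
    head = lines[0] if lines else ""
    if head == OPENSSH_HDR:
        # New-style key: the blob header names the cipher and KDF; "none" means no passphrase.
        body = base64.b64decode("".join(lines[1:-1]))
        if not body.startswith(MAGIC):
            return "unknown"
        cipher, off = _ssh_string(body, len(MAGIC))
        kdf, _ = _ssh_string(body, off)
        return "plaintext" if cipher == b"none" or kdf == b"none" else "encrypted"
    if head.startswith("-----BEGIN ") and head.endswith("PRIVATE KEY-----"):
        # Legacy PEM: encryption shows as a Proc-Type header (or an ENCRYPTED PKCS#8 banner).
        if "ENCRYPTED" in head or any(ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines):
            return "encrypted"
        return "plaintext"
    return "unknown"

def constructed_openssh_key(cipher, kdf):
    """Build a synthetic openssh-key-v1 blob for testing (constructed here, not a real key)."""
    def s(b): return struct.pack(">I", len(b)) + b
    body = MAGIC + s(cipher) + s(kdf) + s(b"") + struct.pack(">I", 1) + s(b"fake-pub") + s(b"fake-priv")
    b64 = base64.b64encode(body).decode()
    return "\n".join([OPENSSH_HDR] + [b64[i:i + 70] for i in range(0, len(b64), 70)] + [OPENSSH_FTR])

SAMPLES = {  # constructed sample key files (synthetic, not real key material)
    "id_ed25519_laptop": constructed_openssh_key(b"none", b"none"),
    "id_ed25519_server": constructed_openssh_key(b"aes256-ctr", b"bcrypt"),
    "id_rsa_legacy_plain": "-----BEGIN RSA PRIVATE KEY-----\nQUJD\n-----END RSA PRIVATE KEY-----",
    "id_rsa_legacy_enc": ("-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\n"
                          "DEK-Info: AES-128-CBC,00112233445566778899AABBCCDDEEFF\n\nQUJD\n-----END RSA PRIVATE KEY-----"),
}

def audit(samples):
    """Return, sorted, the names of keys that are usable without a passphrase."""
    return sorted(name for name, text in samples.items() if key_protection(text) == "plaintext")
```

Running `audit` over a user's `~/.ssh` directory (reading each file's text) gives the list of keys that would be usable by anyone who copies the file, which is the case the thread is warning about.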
