[olug] SSH public/private keys

Christopher Cashell topher at zyp.org
Wed Nov 12 00:22:22 UTC 2003


At Tue, 11 Nov 03, Unidentified Flying Banana Vincent.Raffensberger at dtn.com, said:
> I'm surprised Brian hasn't disabled key authentication or at least locked
> users' authorized_keys files.

When used properly, public key authentication (using RSA/DSA keys) for
SSH is not any less secure than password authentication.

> The server is only as secure as its users in this case.

Not just in this case, in every case.  That's a reality of security
whenever users are involved.

> There's certainly a time and place for key authentication though (stub 
> networks).

Again, public key authentication is not any less secure than password
authentication.  In fact, its ability to let you log in securely from
one account to multiple other accounts using a single password can
actually increase security.  It means that users are less likely to use
the same password across multiple computer systems to make them easier
to remember.

> -sorry, I had to say it.  At least you set it up from a windows box.

-- 
| Christopher
+------------------------------------------------+
| A: No.                                         |
| Q: Should I include quotations after my reply? |
+------------------------------------------------+


