Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: ssh, passphrases and stdin

from [Greg Wooledge] Network Security [Permanent Link]
Subject: Re: ssh, passphrases and stdin
Date: Wed, 25 Aug 2004 07:41:33 -0400 
On Tue, Aug 24, 2004 at 06:05:55PM +0200, David E. Meier wrote:

Since I don't want to have an unencrypted key on the system I need to
enable a passphrase.


Having a passphrase stored on the hard drive doesn't buy you any security
improvement over simply having a passphrase-less key.  You might as well
simplify your life and remove the passphrase altogether.

What it comes down to (as I'm pretty sure you already know, but just
didn't want to admit to yourself) is that you have two choices:

  1) Unattended booting (no passphrase)
  2) Attended booting (passphrase must be entered every time)

Any attempt to compromise between these two extremes is just "security
through obscurity" and adds nothing to your real security.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  ssh, passphrases and stdin, David E. Meier
Next by Date:  RE: HELP please! Why is the agent NOT recognized, Christopher.Fouts
Previous by Thread:  ssh, passphrases and stdin, David E. Meier
Next by Thread:  Kerberos5/AFS Support in 3.9?, Sensei
Indexes:  [Date] [Thread] [Top] [All Lists]