Re: SSH Security

Am Mi, den 07.12.2005 schrieb STYMA, ROBERT E (ROBERT) um 15:35:

> Key based authentication is good, but there is one caveat. Straight
> key based allows you to log in directly without typing a password.
> If you are ssh'ing from work to home from a UNIX machine, any sys-admin
> with the root password on your work machine can become you and then
> ssh to your home machine as you with no password. Maybe you don't care
> if your sysadmin is dinking around in your home machine and maybe you do.

> Bob Styma

That is exactly one of the reasons why to always secure the private key
part with a safe passphrase.


Alexander Dalloz | Enger, Germany | GPG 0xB366A773
legal statement:
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 15:43:34 up 2 days, 20:20, load average: 0.05, 0.06, 0.07

Description: Dies ist ein digital signierter Nachrichtenteil

fedora-list mailing list
To unsubscribe:

Relevant Pages

  • Re: /etc/syslog.conf in FC4
    ... Am Fr, den 27.01.2006 schrieb STYMA, ROBERT E um 21:25: ... you want to not get the above loggings in the messages syslog ... It is not facility cron causing these log entries. ...
  • Re: Bugzilla FC3 and ssh
    ... Am Mi, den 23.02.2005 schrieb STYMA, ROBERT E um 20:37: ... legal statement: Fedora GNU/Linux Core 2 (Tettnang) on Athlon kernel 2.6.10-1.14_FC2smp ...
  • Using XP Home at work
    ... Robert. ... >I have an XP Home machine that I need to hook into an ... >office networking environment temporarily (4 months off ...