Re: ssh clarification needed

Mike Cloaked wrote:


Aaron Konstam wrote:

Are you suggesting that decrypting the ssh keys are a feasable activity?
I doubt it.



I doubt it too - but having the keys means you can use them to login in as
if the original owner!

Only if you can crack the pass phrase or the user was dumb enough to
create a private key without a pass phrase. (I have used them on
servers that need to connect to another server for a specific job,
but the other server is configured to run a specific command when
that key is used to connect.)

A brute force password cracker is going to have a hard time unless
someone picked a real poor pass phrase. You may have better luck if
you have information about the creater of the pass phrase. (Didn't
we have one list member that used his name as his password?) For
example, someone trying to crack my pass phrase would probably try
my full name, and the different signatures I use. (It would not
work, but it is a good place to start.)

Mikkel
--

Do not meddle in the affairs of dragons,
for thou art crunchy and taste good with Ketchup!

Attachment: signature.asc
Description: OpenPGP digital signature

--
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines

Relevant Pages

  • Re: SSH
    ... > I was thinking about setting up a maximum lazyness maximum security = ... > it to have a ssh2 key with no pass phrase compared to one that does.. ... that contains the keys, you're much worse off. ...
    (FreeBSD-Security)
  • Re: SSH
    ... > I was thinking about setting up a maximum lazyness maximum security = ... > it to have a ssh2 key with no pass phrase compared to one that does.. ... that contains the keys, you're much worse off. ...
    (FreeBSD-Security)
  • SSH
    ... I just wanted to know how dangerous are ssh keys with no password phrases? ... And how bad would it be to have all the servers I have access to with different keys but the exact same password phrase like "pepsi"? ... And is it more secure to have a pass phraseless ssh key compared to just using ssh with no keys and just using a password that belongs to the unix account? ...
    (FreeBSD-Security)
  • Re: openSSL Key generation
    ... > night, are athalon processors slow? ... or did I phrase my command incorrectly? ... which is fine for _many_ tasks, but server ... keys should probably use the real thing..) ...
    (Focus-Linux)
  • Re: chat-tools for Halo?
    ... You can use a utility to make macro's that will open a text window ... and send the phrase of your choice depending on which keys you ...
    (microsoft.public.games)