Corporate public key?

CL Gilbert Lamont_Gilbert@RigidSoftware.com
Wed Jul 9 15:11:03 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Joseph Bruni wrote:
| This gets annoying after while, especially if you find yourself needing
| to connect to said server while away from a host that has your private
| key. Being able to fall back to passwords is a nice convenience for most
| circumstances and, unless that Linux server of yours really contains
| sensitive information, I wouldn't worry about a password crack (unless
| you have really easy-to-guess passwords). Having to load your private
| key on a temporary host has its own set of vulnerabilities.
|
| One thing that would help to slow down a password attack is successive
| increases in delays after each wrong password. Apple's implementation of
| OpenFirmware does that to keep people from trying to brute force that
| password. Perhaps you can configure "login" or "sshd" to do the same? Or
| recommend it to the OpenBSD folks.
|
| I'm not knocking public-key authentication at all -- I use it almost
| exclusively -- and the ssh-agent makes life really nice. But disabling
| the fallback to passwords seems a bit obtuse, IMHO.
|
|
| On Tuesday, July 8, 2003, at 10:27 AM, CL Gilbert wrote:
|
|> I have disabled ssh passwords on my Linux box in favor of gpg key logins
|> because they cant be hacked like a pwd.  plus I don't have to remember
|> them as long as I have my key with me.
|

all these things must be considered before you do this.  but I think the
~ key is more secure than that password.  I know its neglidgible and
probably a little anal though :D  All part of Linux I guess, fun to do
and learn stuff and have my own *way* of doing things.  makes me feel as
if I *know* Linux.



_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users



- --
Thank you,


CL Gilbert
Free Java interface to Freechess.org
http://www.rigidsoftware.com/Chess/chess.html
"Then said I, Wisdom [is] better than strength: nevertheless the poor
man's wisdom [is] despised, and his words are not heard." Ecclesiastes 9:16

GnuPG Key Fingerprint:
82A6 8893 C2A1 F64E A9AD  19AE 55B2 4CD7 80D2 0A2D
GNU Privacy Guard http://www.gnupg.org
Pretty Good Privacy (PGP) http://web.mit.edu/network/pgp.html, windows
users should try that.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE/DBSnVbJM14DSCi0RAq0NAKC2605DuE36KF4peXAvg23ftVKBwgCgls8S
s/DToIWetDn6xE3mUvuVths=
=7g9D
-----END PGP SIGNATURE-----