SSH

From: Michael Vince (michael@roq.com)
Date: 02/05/02


From: "Michael Vince" <michael@roq.com>
To: <security@freebsd.org>
Date: Tue, 5 Feb 2002 19:01:36 +1100

Hey all.
I was thinking about setting up a maximum lazyness maximum security security policy for my self.
I just wanted to know how dangerous are ssh keys with no password phrases? I mean if some one is packet sniffing you how much more bad is it to have a ssh2 key with no pass phrase compared to one that does..
And how bad would it be to have all the servers I have access to with different keys but the exact same password phrase like "pepsi"?
And is it more secure to have a pass phraseless (no pass phrase) ssh key compared to just using ssh with no keys and just using a password that belongs to the unix account?
I just find my self having alot of passwords to remember and looking and changing the way I do things.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Relevant Pages

  • Re: Annoying problem with ssh keys
    ... How do I get ssh to behave? ... the initial agent process in the file and directory name.) ... That will load the standard keys into the agent: ... after it gets the pass phrase for each key. ...
    (Ubuntu)
  • Re: Annoying problem with ssh keys
    ... How do I get ssh to behave? ... the initial agent process in the file and directory name.) ... after it gets the pass phrase for each key. ... Note that if you have two keys with the same pass phrase, ...
    (Ubuntu)
  • Re: Opening ports in my firewall
    ... >> only with DSA keys, and not allowing manual password logins. ... - copy the .ssh directory to the new machine, if you control it, or ... Walter Dnes; my email address is *ALMOST* like wzaltdnes@waltdnes.org ...
    (comp.os.linux.security)
  • RE: sshd / ssh setup
    ... USA server and his windows/xp notebook to use SSH. ... followed sshd instruction and built ... and require users to submit keys. ...
    (freebsd-questions)
  • Re: SSH via Expect disconnects
    ... using autoexpect was the answer (please refer to thread ... >> I have received one suggestion that I explore the idea of using keys ... >> have poured through the manpage for Expect as well as SSH, ... >>> I am using an expect script to initiate an SSH session to another host ...
    (comp.lang.tcl)