authorized_keys and security
From: Boris Glawe (boris_at_boris-glawe.de)
Date: 05/28/03
- Next message: Neil W Rickert: "Re: authorized_keys and security"
- Previous message: jeeva: "ssh proxy and api"
- Next in thread: Neil W Rickert: "Re: authorized_keys and security"
- Reply: Neil W Rickert: "Re: authorized_keys and security"
- Reply: Richard Caley: "Re: authorized_keys and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 28 May 2003 01:12:46 +0200
Hi,
I've got a question concering security.
The files ~/.ssh/id_dsa and ~/.ssh/id_dsa.pub contain the private and
the public keys, used for authentication.
Is it right, that anybody with root access - be this a sysadmin or a
hacker - has access to those files ?
He/She could copy the files to it's own homedirectory and could login to
my areas !?
What is so secure than with this authentication mechanism ?? My password
is in my head, but the key is plaintext on the disk, which can be
accessed, if the system's security mechanism does not protect them...
greets Boris
- Next message: Neil W Rickert: "Re: authorized_keys and security"
- Previous message: jeeva: "ssh proxy and api"
- Next in thread: Neil W Rickert: "Re: authorized_keys and security"
- Reply: Neil W Rickert: "Re: authorized_keys and security"
- Reply: Richard Caley: "Re: authorized_keys and security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
