Re: Does Public Key Authentication offer additional security over SSH/SFTP
- From: Chuck <skilover_nospam@xxxxxxxxxxxxxx>
- Date: Wed, 13 Dec 2006 16:45:06 GMT
Marty W wrote:
> Hi guys,
> I've got a fairly newbie (but hopefully quick) question.
> So I've set up a public/private key pair on my Unix boxes for
> authentication for my SSH/SFTP connections so I don't have to provide
> my password.
> Does setting this up provide an extra layer of security (i.e. additional
> encryption)?
> Cheers
> Capt. Wing

The security is only as good as the strength of the passphrase on the
private key. If you've left it unencrypted (no passphrase), you actually
made it much easier for an attacker to get into your servers. They just
need to steal a copy of the key and they will never need anything else.
With a weak password, it's subject to dictionary attacks, but they would
still need to get a copy of the key file. The bottom line is protect the
private key file itself by making it as inaccessible as possible to
anyone but you, and then have it encrypted with a strong passphrase.
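
Added example, not part of the original post: a Python check for the two conditions the reply names, a private key file that is accessible to other users and a private key stored without a passphrase. It reads the key file's header only (the `openssh-key-v1` cipher name, or the legacy PEM `Proc-Type` header); the function names, the finding labels and the sample key are constructed for illustration.

```python
import base64, os, stat, struct, sys

MAGIC = b"openssh-key-v1\x00"  # header of the current OpenSSH private key format

def key_is_encrypted(text):
    """True/False for a private key file's text; None if it is not a private key."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if not lines or not (lines[0].startswith("-----BEGIN ") and "PRIVATE KEY" in lines[0]):
        return None
    if "OPENSSH" in lines[0]:
        try:
            blob = base64.b64decode("".join(lines[1:-1]))
            (n,) = struct.unpack(">I", blob[len(MAGIC):len(MAGIC) + 4])
        except (ValueError, struct.error):
            return None
        if not blob.startswith(MAGIC):
            return None
        # First field after the magic is the cipher name; "none" means no passphrase.
        return blob[len(MAGIC) + 4:len(MAGIC) + 4 + n] != b"none"
    if "ENCRYPTED" in lines[0]:  # PKCS#8 "BEGIN ENCRYPTED PRIVATE KEY"
        return True
    # Legacy PEM (RSA/DSA/EC): encryption is announced in a Proc-Type header.
    return any(l.startswith("Proc-Type: 4,ENCRYPTED") for l in lines[1:4])

def audit_key(path):
    """Return a list of findings for one private key file (empty list = ok)."""
    findings = []
    if stat.S_IMODE(os.stat(path).st_mode) & 0o077:
        findings.append("accessible-by-group-or-other")
    with open(path, "r", errors="replace") as f:
        if key_is_encrypted(f.read()) is False:
            findings.append("no-passphrase")
    return findings

def sample_openssh_key(cipher):
    """Constructed sample: format header only, contains no key material."""
    body = base64.b64encode(MAGIC + struct.pack(">I", len(cipher)) + cipher).decode()
    return "-----BEGIN OPENSSH PRIVATE KEY-----\n" + body + "\n-----END OPENSSH PRIVATE KEY-----\n"

if __name__ == "__main__":
    ssh_dir = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~/.ssh")
    for name in sorted(os.listdir(ssh_dir)):
        path = os.path.join(ssh_dir, name)
        if os.path.isfile(path):
            with open(path, "r", errors="replace") as f:
                if key_is_encrypted(f.read()) is None:
                    continue  # public keys, config, known_hosts, ...
            print(path, audit_key(path) or "ok")
```

Run with no argument it audits `~/.ssh`; a directory path can be given as the first argument instead.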