|
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
|
Re: [PLUG] Increase in SSH break-in attempts?
|
Quoting Mike Leone <turgon@mike-leone.com>:
> Paul L. Snyder (plsnyder@drexel.edu) had this to say on 04/26/05 at
> 10:40:
> > Quoting Mike Leone <turgon@mike-leone.com>:
> > When I noticed, I disabled password authentication for ssh...I use
> key-
> > based auth for the most part, anyway.
>
> You mean certificates? That works well if you connect from the same
> machine
> all the time, but what do you do to check in with your home system if
> you
> happen to be at your buddy's house, for example? Or am I
> misunderstanding?
Nope, you've got it. I am almost never without my laptop, and
most of my friends have a WLAN they'll let me hop on. I'm
pretty untrusting, so I try to never enter a "good" password for
my network on a machine that I don't control. If I wanted to
connect back from an untrusted system, I'd probably set up some sort
of DMZ server.
If you're more trusting than I am and want to use certificate
auth to connect from an untrusted machine, I suppose you could
carry your private keys on a flash drive. It wouldn't give me a
warm, fuzzy feeling, though, as that machine will have opportunity
to grab both the keys and the passphrase, just as it could grab
a password.
pls
pls
___________________________________________________________________________
Philadelphia Linux Users Group -- http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|