From owner-freebsd-questions@FreeBSD.ORG Mon Sep 15 19:07:22 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E800BD75 for ; Mon, 15 Sep 2014 19:07:22 +0000 (UTC) Received: from sdf.lonestar.org (mx.sdf.org [192.94.73.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx.sdf.org", Issuer "SDF.ORG" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id AD8DDFB6 for ; Mon, 15 Sep 2014 19:07:21 +0000 (UTC) Received: from otaku.freeshell.org (IDENT:case@otaku.freeshell.org [192.94.73.9]) by sdf.lonestar.org (8.14.8/8.14.5) with ESMTP id s8FJ79e4025916 (using TLSv1/SSLv3 with cipher DHE-RSA-AES256-SHA (256 bits) verified NO); Mon, 15 Sep 2014 19:07:11 GMT Date: Mon, 15 Sep 2014 19:07:09 +0000 (UTC) From: John Case X-X-Sender: case@faeroes.freeshell.org To: Charles Swiger Subject: Re: comparing SSH key and passphrase auth vs. an SSH key *with* a passphrase ... In-Reply-To: <08D7B04D-CBBF-4330-BAD6-2668F9560964@mac.com> Message-ID: References: <08D7B04D-CBBF-4330-BAD6-2668F9560964@mac.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: FreeBSD - X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Sep 2014 19:07:23 -0000 On Thu, 11 Sep 2014, Charles Swiger wrote: > If you want to improve security, however, either 2-factor auth or OPIE / > one-time passwords would be better than SSH key+passphrase. Ok, thanks - but SSH key+passphrase is still much better than just plain old password, yes ?