From owner-freebsd-questions@FreeBSD.ORG  Thu Oct 28 22:26:12 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id BB86516A4CE
	for <freebsd-questions@freebsd.org>;
	Thu, 28 Oct 2004 22:26:12 +0000 (GMT)
Received: from ns1.tiadon.com (SMTP.tiadon.com [69.27.132.161])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 585BC43D54
	for <freebsd-questions@freebsd.org>;
	Thu, 28 Oct 2004 22:26:12 +0000 (GMT)	(envelope-from kdk@daleco.biz)
Received: from [69.27.131.0] ([69.27.131.0]) by ns1.tiadon.com with Microsoft
	SMTPSVC(6.0.3790.211);	 Thu, 28 Oct 2004 17:22:32 -0500
Message-ID: <41817200.6080609@daleco.biz>
Date: Thu, 28 Oct 2004 17:26:08 -0500
From: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20041023
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Matt Juszczak <matt@atopia.net>
References: <6.0.3.0.2.20041028102537.04be6ec0@nano.net>
	<20041028133250.77c30503@vixen42.24-119-122-191.cpe.cableone.net>
	<418158BF.2060202@daleco.biz> <20041028164926.M15263@neptune.atopia.net>
In-Reply-To: <20041028164926.M15263@neptune.atopia.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 28 Oct 2004 22:22:32.0873 (UTC)
	FILETIME=[9E89B990:01C4BD3C]
cc: freebsd-questions@freebsd.org
Subject: Re: Hacker activity?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Oct 2004 22:26:12 -0000

Matt Juszczak wrote:

> I've considered moving to key based systems as well, but is it 
> possible to require both a key and a password?
>
> For instance, I find it fairly insecure to setup a single box (lets 
> say my home machine) with all my certs for all my servers.  Someone 
> penetrate's my home machine and I'm done....
>
> -Matt
>

When you generate your keys with ssh-keygen(1), that is an option.

Personally, I'm looking at ssh-agent, as Giorgios suggested earlier
in the thread ... but I've got so much to learn right now it's not even
remotely hilarious ...

KDK