Date: Sun, 11 May 2003 11:30:00 +0100 From: Scott Mitchell <scott+freebsd@fishballoon.org> To: Daniela <dgw@liwest.at> Cc: Kirill Pisman <anyher@ngs.ru> Subject: Re: Why is port 22 open by default? Message-ID: <20030511103000.GB8616@tuatara.fishballoon.org> In-Reply-To: <200305110041.39601.dgw@liwest.at> References: <20030509000921.P66401-100000@alpha.yumyumyum.org> <200305101108.13319.dgw@liwest.at> <20030510122815.F79934@ndhn.yna.cnyserzna.pbz> <200305110041.39601.dgw@liwest.at>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, May 11, 2003 at 12:41:39AM +0000, Daniela wrote: > Just one question: Why isn't rsa/dsa key authentication the default? > Is it hard to set up? Are there other drawbacks? Public key authentication should be enabled by default. Once you have all the right keys in the right places it should just work, then you can turn off password-based authentication. It's not really hard to set up, but there's several steps so it's easy to mess up the first time you try it. Googling for 'ssh public key setup' finds various pages that will walk you through the whole process. Remember that the public key stays on the server, while the private key needs to be distributed to clients, which might seem backwards at first. And make sure you choose a good passphrase to secure the private key! Scott -- =========================================================================== Scott Mitchell | PGP Key ID | "Eagles may soar, but weasels Cambridge, England | 0x54B171B9 | don't get sucked into jet engines" scott at fishballoon.org | 0xAA775B8B | -- Anon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030511103000.GB8616>