Date: Sat, 20 Mar 2010 12:14:17 -0400 From: Jerry <gesbbb@yahoo.com> To: freebsd-questions@freebsd.org Subject: Re: securing sshd Message-ID: <20100320121417.67724938@scorpio.seibercom.net> In-Reply-To: <4BA4EA8C.3090702@locolomo.org> References: <201003201318.o2KDIcIt001241@fix.fantomatic.co.uk> <4BA4EA8C.3090702@locolomo.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 20 Mar 2010 16:32:28 +0100 Erik Norgaard <norgaard@locolomo.org> articulated: > > * Disabled password logins completely, and to only allow public key > > authentication > > This seems good for security, but not always practical. Now you have > to walk around with a USB or have keys on your laptop and if you > loose the USB or the laptop gets stolen you can't get access. Worse, > you can't revoke the keys till you get back home. Worse yet, if you get shot and killed you won't be able to access your data no matter how hard you try. Seriously, disabling password log-ins and using key authentication is extremely secure. Do make sure that you password protect your keys however. In any event, if you laptop or whatever is stolen, you have more than just one problem to contend with anyway. -- Jerry gesbbb@yahoo.com Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __________________________________________________________________ It's not whether you win or lose, it's how you place the blame.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100320121417.67724938>