On Tue, 24 Aug 2004, Michael Thompson wrote:
> # To disable tunneled clear text passwords, change to no here!
> #PasswordAuthentication yes
>> Which will mean you can only log in with a ssh key
Is that a good idea? You go from passwords which cant be attacked
offline to ssh keys distributed to whereever your users like.
Further, they have the option of not bothering to protect the key
with a passphrase, nor can you have PAM apply strength checks to
whatever password/passphrase they choose.
I dont know, but I think ssh keys are /worse/.
Paul Jakma paul at clubi.iepaul at jakma.org Key ID: 64A2FF6A
Everyone can be taught to sculpt: Michelangelo would have had to be
taught how ___not to. So it is with the great programmers.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!