On 30Jun2017 16:53, jdow <jdow@xxxxxxxxxxxxx> wrote:
On 2017-06-30 16:08, Cameron Simpson wrote:
You omitted way 0: DO NOT ALLOW PASSWORD BASED SSH. This is the single best
thing you can do. Allowing only key-based access simply prevents all password
based access and is cryptographicly strong, instead human-prose-imagination
strong, which is typically awful.
[...]
And what do I do if I have to login from a different machine than one of mine?
Should I hang a tag or key with the key to my computers on my key chain when
traveling?
Frankly, YES.
If you cannot set up a key on the foreign machine ahead of time, yes stick your
"travelling" key on a USB stick and use it. That way you can revoke it if
somehow it gets comprimised.
Cheers,
Cameron Simpson <cs@xxxxxxxxxx>
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
