On 12/30/2011 12:00 AM, m.roth@xxxxxxxxx wrote: > 夜神 岩男 wrote: >> On 12/29/2011 10:21 PM, Marko Vojinovic wrote: >>> On Thursday 29 December 2011 13:07:56 Reindl Harald wrote: >>>> Am 29.12.2011 12:56, schrieb Leonard den Ottolander: >>>>> On Thu, 2011-12-29 at 12:29 +0100, Reindl Harald wrote: >>>>>> Am 29.12.2011 09:17, schrieb Bennett Haselton: >>>>>>> Even though the ssh key is more >>>>>>> random, they're both sufficiently random that it would take at least >>>>>>> hundreds of years to get in by trial and error. >>>>>> >>>>>> if you really think your 12-chars password is as secure >>>>>> as a ssh-key protcected with this password you should >>>>>> consider to take some education in security > <snip> >>> It is very inconvenient for people who need to login to their servers >>> from random remote locations (ie. people who travel a lot or work in >>> hardware-controlled environment). >>> >>> Besides, it is essentially a question of overkill. If password is not >>> good enough, you could argue that the key is also not good enough --- >>> two keys (or a larger one) would be more secure. Where do you draw the >>> line? > <snip> >> When traveling I log in to my home server and work servers with my >> laptop. Its really a *lot* easier than using a bunch of pasword schemes. > <snip> > Ah, that brings to mind another issue with only passwords: > synchronization. I worked as a subcontractor for a *huge* US co a few > years ago. I've *never* had to write passwords down... but for there, I > had a page of them! Our group's, the corporate test systems, the corporate > *production* systems, and *each* had their own, along with their own > password aging (there was *no* single sign-on), the contracting co's.... > > mark Ah, forgot about that because its no longer a problem for me anymore. Using the same password on two systems is a religiously-to-be-observed rule that *most* users violate. I can put my public keys on any system and not worry about it. Hitting the number pad for my digits is a lot faster than typing in a password, a lot more convenient than remembering a bunch of them (and a big motivator to buy laptops with full-blown 10-keys, which is common now anyway, as are internal card readers...). _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos