On 12/30/2011 01:33 AM, m.roth@xxxxxxxxx wrote:
> Marko Vojinovic wrote:
>> On Thursday 29 December 2011 14:59:14 Reindl Harald wrote:
>>> Am 29.12.2011 14:21, schrieb Marko Vojinovic:
>>>>> so explain me why discuss to use or not to use the best
>>>>> currently availbale method in context of security?
>>>>
>>>> Using the ssh key can be problematic because it is too long and too
>>>> random to be memorized --- you have to carry it on a usb stick (or
>>>> whereever). This provides an additional point of failure should your
>>>> stick get lost or stolen. Human brain is still by far the most secure
>>>> information-storage device. :-)
>>> this is bullshit
>>> most people have their ssh-key on a usb-stick
>>
>> And how are you going to access your servers if the stick gets broken or
>> lost? I guess you would have to travel back to where the server is
>> hosted, in order to copy/recreate the key.
>
> Um, yep: you're SOL, same as if you spilled coffee on your laptop, or
> whatever. And if you loose it, you should then create a new one.
>>
>> I did not argue that the key is not more secure than a password. I was
>> just pointing out that sometimes it can be more inconvenient.
>
> All security is inconvenient. What's implemented is a balance between
> convenience and security - really secure is a system not connected to any
> network, and with no USB ports, that runs off a DVD....
...at the bottom of the ocean...
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
