On 2024-10-22 09:14, Chris Green wrote: > OK, I think I have realised what has been confusing me (and, maybe > you, in the plural). > > I have been looking at this security question with a sort of 'tunnel > vision', I'm concerned with login security of remote systems **when > viewed from my desktop**. For this specific case, i.e. when someone > is sitting at my desk, or has my laptop in front of them, there is > little to choose between password and public-key authentication. To > break either, all the intruder has to do is guess/break my password or > the passphrase protecting my public-key. A little late to chime in, but if you are so concerned about access to your laptop, there are measures unrelated to SSH you could take. Your scenario sounds as if anyone could sit down at your desk and immediately proceed to brute-forcing your credentials for SSH connections. Wouldn't it be possible to physically restrict access to your desk and/or laptop? - Jan
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev