Re: Re: Security of ssh across a LAN, public key versus password

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 2024-10-22 09:14, Chris Green wrote:

> OK, I think I have realised what has been confusing me (and, maybe
> you, in the plural).
> 
> I have been looking at this security question with a sort of 'tunnel
> vision', I'm concerned with login security of remote systems **when
> viewed from my desktop**.  For this specific case, i.e. when someone
> is sitting at my desk, or has my laptop in front of them, there is
> little to choose between password and public-key authentication. To
> break either, all the intruder has to do is guess/break my password or
> the passphrase protecting my public-key.

A little late to chime in, but if you are so concerned about access to
your laptop, there are measures unrelated to SSH you could take. Your
scenario sounds as if anyone could sit down at your desk and immediately
proceed to brute-forcing your credentials for SSH connections. Wouldn't
it be possible to physically restrict access to your desk and/or laptop?

- Jan

Attachment: signature.asc
Description: PGP signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux