2008/12/4 Jens Peter Secher <[EMAIL PROTECTED]>:

> To do that you will need to change /etc/pam.d/ssh-auth to
>
>  auth sufficient pam_ssh.so

I know, that's why I'm not complaining =)
Maybe writing it in the README.Debian could be a good idea.

> Hmm, if no one else has access to the computer (including remote
> access) then the passphrase on the SSH keys does not need to be more
> secure than the login password.  On the other hand, if there is remote
> access to the computer, then a weak password will enable an evil
> hacker to get into your account, copy your SSH key and brute-force
> attack the key elsewhere.  So I do not really see your point.

If someone has physical access to my computer, the only security is
encryption. No sense for a strong login password, he could boot with
another OS or take out the HD and directly read the key (both options
will take far less time than brute-forcing even a weak password by
typing tries by hand).
Brute forcing a strong encryption password would take a lot of time
instead (I guess), which at least keeps safe computers not accessible
to anyone else (I'm thinking about a laptop and a home server, if my
laptop gets stolen I can delete the public key on the server).
Please correct me if I'm completely mistaken...
Cheers,
Luca

