On Fri, Dec 20, 2024 at 10:22:29AM +0700, Max Nikulin wrote: > On 19/12/2024 15:56, Chris Green wrote: > > Horses for courses, I enter login passwords/passphrases quite frequently > > (lots of > > different systems that I ssh to) long, unmemorable, passwords would be > > useless. > > Generate a private key and add its public counterpart to > ~/.ssh/authorized_keys on remote machines. Locally running ssh-agent allows > to authenticate on remote machines without typing the pass phrase for the > private key for each connection. It is more secure than passwords against > brute force attacks.
Definitely. I was thinking specifically about passwords: what they are, how they work. But it's clear that (asymmetric) crypto keys are worlds ahead of passwords in terms of security, convenience (agent forwarding, anyone?) LDAP integration and all of that. Whenever I have the choice, a SSH key it is. Cheers -- t
signature.asc
Description: PGP signature
