On 2008-05-18, Mark Shroyer <[EMAIL PROTECTED]> wrote: > I've set up a nice secondary authentication mechanism on a Linux server. > I use this when I must shell in from, e.g., a computer lab, and I don't > have an authorized SSH private key on my workstation. To login without > a private key, I must: > > 1) Enter my account's current S/Key one-time password > > and > > 2) Enter my Unix password > > in sequence.
In what way does typing your password in to an untrusted machine improve security?
