Stuart Henderson wrote:
On 2008-05-18, Mark Shroyer <[EMAIL PROTECTED]> wrote:
I've set up a nice secondary authentication mechanism on a Linux server.
I use this when I must shell in from, e.g., a computer lab, and I don't
have an authorized SSH private key on my workstation. To login without
a private key, I must:
1) Enter my account's current S/Key one-time password
and
2) Enter my Unix password
in sequence.
In what way does typing your password in to an untrusted machine
improve security?
it's 2 factor authentication, duh! i read about that on the intarnetz so
it must be a good idea regardless of the 2 factors i choose.
;)
