Fwd: [GLLUG] Passwords
Alec Warner
warnera6 at egr.msu.edu
Fri Sep 1 18:22:52 EDT 2006
Bleh, just passwords suck, use PKI.
While I don't think it's a useful system for general use (god I can't
imagine pubkey infrastructure at work) Gentoo enforces it on all
machines. PKI certainly doesn't eliminate the need for a good
passphrase, but in the event that someone picks a crappy one (or worse,
none at all!) you are still protected, because they would have to give
up their key at one point as well.
For me personally, that means they'd have to have root/access on
machines that er..pretty much leave me screwed anyhow ;)
USB sticks are cheap, nothing beats stuffing your key on a fat32
partition that works on any sane OS. I know windows can do this (as
well as linux). While I don't have PKI for local logins, the remote
ones I often set up use PKI just because I worry about people :)
Besides it also means I generally don't have to worry about those
annoying ssh-attacks, since only PK logins are allowed.
-Alec
More information about the linux-user
mailing list