gnumed-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Gnumed-devel] Re: New public server up and ready for more GnuMedding...

From: Andreas Tille
Subject: [Gnumed-devel] Re: New public server up and ready for more GnuMedding...
Date: Sun, 26 Dec 2004 18:37:11 +0100 (CET) 
On Fri, 24 Dec 2004, J Busser wrote:
Apologies for having to learn. Presumably Carlos may need to create a user (or not user, just shell?) account jbusser and, as part of that "account" creation, must he assign a password, either a "default" one, or one I have requested in advance? 
I can't say exactly because I'm on a computer without access to my
Debian-Key, thus I'm currently unable to verify, but the trick is that
there should be *no* password for the user on this machine, but just
an ssh key which you have to send the administrator.  Thus people who
have no access to your private key are unable to guess your password by
brute force methods.
One such a password exists, what advantage(s) is/are there to using a key pair? 
Your login is secured by the pass phrase *and* the private key.
Does it simply shorten the command required for the ssh login (depending on the location of the private key), and/or save having to remember the password (for example if I can name a key carlos_server)? It does not per se add security does it, since if know the password I can regenerate the same private key? 
No.  You can not regenerate a ssh key pair.  The attacker has no chance
if he has no access to your private key - so just keep it save.
Horst's experience might suggest I should use a different key pair, even while I try to not "join* the paranoid part ; -) 
A certain amount of paranoia does not harm in computer science. ;-)
I personally use different keys.

Kind regards

                Andreas.

--
http://fam-tille.de
reply via email to
[Prev in Thread] Current Thread [Next in Thread]