Judson Lester wrote:
>
> On Sunday, July 20, 2003, at 09:14 PM, Mark A. Hershberger wrote:
>>
>>
>> But, again, note that having an unprotected keypair is just slightly
>> better than cleartext passwords.
>>
>> If your key falls into the wrong hands, you've given that person
>> passwordless access to your accounts.
So audit all logins under that account, using that keypair.
Periodically look at your message log and see what IPs at what times
connected with it. You could even do fancy stuff like per-account IP
exclusions with ssh.
Another Way To Do It: use stunnel. Slightly less secure, as the db
password is stored in plaintext, but depending on your situation, might
be "acceptable risk". Slightly more secure, in that you can't open a
full access connection with the stolen password.
>
>
> While I agree that not having a passphrase on your keypair is nowhere
> near as good as having one, I think a passphrase-less keypair is much
> superior to cleartext passwords. On the other hand, ssh password
> authentication does *not* occur in the clear, so it's a definite leg up
> over services like ftp or http auth where passwords do pass in the clear.
*Sighs* Doesn't http use a one-way hash? I avoid ftp like the plague.
>
> Ultimately, empty-password keypairs are like a physical key. If you
> lose it, someone else can open your front door (with the extra downside
> that you probably won't know you lost it.) On the other hand, cleartext
> passwords are like shouting your PIN down a darkened hallway. At least
> there's a reasonable (if not paranoid) assumption of security for keypairs.
I see plaintext passwords as writing it on a piece of paper and handing
it to someone. You don't know what they'll do with the piece of paper;
they could burn it, just toss it on the floor, or slip it in their
pocket for later.
--
Alex McKenzie
alex@boxchain.com
http://www.boxchain.com

___________________
Nolug mailing list
nolug@nolug.org

Received on 07/21/03
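The audit the reply suggests, as an added example that is not part of the original thread: it parses constructed sshd log lines (modern OpenSSH's "Accepted publickey ... SHA256:..." format, newer than this 2003 thread), groups accepted logins per key fingerprint so each key's IPs and times can be reviewed, and flags any source IP outside an allowlist, the same restriction a `from=` option in authorized_keys would enforce. The hostname, user names, addresses and fingerprints are all made up.

```python
import re
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample log lines in OpenSSH syslog format (not from the original post).
SAMPLE_LOG = """\
Jul 20 21:14:02 host sshd[1201]: Accepted publickey for deploy from 10.0.0.5 port 40211 ssh2: RSA SHA256:AbCdEf0123456789
Jul 20 22:03:17 host sshd[1288]: Accepted publickey for deploy from 10.0.0.5 port 40310 ssh2: RSA SHA256:AbCdEf0123456789
Jul 21 03:41:55 host sshd[1402]: Accepted publickey for deploy from 203.0.113.77 port 51020 ssh2: RSA SHA256:AbCdEf0123456789
Jul 21 08:10:09 host sshd[1511]: Accepted password for alice from 10.0.0.9 port 50100 ssh2
Jul 21 09:00:00 host sshd[1599]: Failed publickey for deploy from 198.51.100.3 port 2222 ssh2: RSA SHA256:ZzYyXx9876543210
"""

# Only successful key-based logins matter for "who used this keypair, from where, and when".
LOGIN_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Accepted publickey for (?P<user>\S+) from (?P<ip>\S+) port \d+ ssh2: "
    r"\S+ (?P<fp>SHA256:\S+)$"
)

def parse_key_logins(log_text):
    """Return (timestamp, user, ip, fingerprint) for every accepted publickey login."""
    logins = []
    for line in log_text.splitlines():
        m = LOGIN_RE.match(line)
        if m:
            logins.append((m["ts"], m["user"], m["ip"], m["fp"]))
    return logins

def logins_by_key(logins):
    """Group (timestamp, ip) pairs per (user, fingerprint) for periodic review."""
    grouped = defaultdict(list)
    for ts, user, ip, fp in logins:
        grouped[(user, fp)].append((ts, ip))
    return dict(grouped)

def flag_unexpected_sources(logins, allowed_networks):
    """Return logins whose source IP is outside the networks the key is expected from."""
    nets = [ip_network(n) for n in allowed_networks]
    return [l for l in logins if not any(ip_address(l[2]) in n for n in nets)]

if __name__ == "__main__":
    logins = parse_key_logins(SAMPLE_LOG)
    for key, uses in logins_by_key(logins).items():
        print(key, uses)
    for ts, user, ip, fp in flag_unexpected_sources(logins, ["10.0.0.0/8"]):
        print(f"REVIEW: {user} key {fp} used from {ip} at {ts}")
```

Run against a real auth log, the flagged entries are the ones to chase; a key that is only ever used from the expected network is a candidate for an authorized_keys `from=` restriction so a stolen copy is useless elsewhere.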