[CentOS] what percent of time are there unpatched exploits against default config?

m.roth at 5-cent.us m.roth at 5-cent.us
Thu Dec 29 16:33:21 UTC 2011


Marko Vojinovic wrote:
> On Thursday 29 December 2011 14:59:14 Reindl Harald wrote:
>> Am 29.12.2011 14:21, schrieb Marko Vojinovic:
>> >> so explain me why discuss to use or not to use the best
>> >> currently availbale method in context of security?
>> >
>> > Using the ssh key can be problematic because it is too long and too
>> > random to be memorized --- you have to carry it on a usb stick (or
>> > whereever). This provides an additional point of failure should your
>> > stick get lost or stolen. Human brain is still by far the most secure
>> > information-storage device. :-)
>> this is bullshit
>> most people have their ssh-key on a usb-stick
>
> And how are you going to access your servers if the stick gets broken or
> lost? I guess you would have to travel back to where the server is
> hosted, in order to copy/recreate the key.

Um, yep: you're SOL, same as if you spilled coffee on your laptop, or
whatever. And if you loose it, you should then create a new one.
>
> I did not argue that the key is not more secure than a password. I was
> just pointing out that sometimes it can be more inconvenient.

All security is inconvenient. What's implemented is a balance between
convenience and security - really secure is a system not connected to any
network, and with no USB ports, that runs off a DVD....
<snip>
       mark




More information about the CentOS mailing list