On 12/30/2011 01:33 AM, m.roth@5-cent.us wrote:
Marko Vojinovic wrote:
On Thursday 29 December 2011 14:59:14 Reindl Harald wrote:
Am 29.12.2011 14:21, schrieb Marko Vojinovic:
so explain me why discuss to use or not to use the best currently availbale method in context of security?
Using the ssh key can be problematic because it is too long and too random to be memorized --- you have to carry it on a usb stick (or whereever). This provides an additional point of failure should your stick get lost or stolen. Human brain is still by far the most secure information-storage device. :-)
this is bullshit most people have their ssh-key on a usb-stick
And how are you going to access your servers if the stick gets broken or lost? I guess you would have to travel back to where the server is hosted, in order to copy/recreate the key.
Um, yep: you're SOL, same as if you spilled coffee on your laptop, or whatever. And if you loose it, you should then create a new one.
I did not argue that the key is not more secure than a password. I was just pointing out that sometimes it can be more inconvenient.
All security is inconvenient. What's implemented is a balance between convenience and security - really secure is a system not connected to any network, and with no USB ports, that runs off a DVD....
...at the bottom of the ocean...