On Thursday 29 December 2011 14:59:14 Reindl Harald wrote:
the hughe difference is: while having the same password (for the key) it can not be used directly for brute-force und you need the password and at least one time access to the key file
Explain me how having a key protected by a password avoids brute forcing if you loose the usb stick holding that key?
Technology is developing at a scary pace, have a look at this: http://mytechencounters.wordpress.com/2011/04/03/gpu-password-cracking-crack...
And this is with a simple card, imagine what you can do with a system with multiple paralel cards...
Just to be clear: I'm not arguing which system is better/more secure. I'm just pointing out one downside of having the key in a usb memory.
And bruteforcing against ssh servers are really difficult as some others have commented (and even more difficult if you limit failed connections...)
Regards