[CentOS] what percent of time are there unpatched exploits against default config?

Thu Dec 29 15:00:01 UTC 2011
m.roth at 5-cent.us <m.roth at 5-cent.us>

夜神 岩男 wrote:
> On 12/29/2011 10:21 PM, Marko Vojinovic wrote:
>> On Thursday 29 December 2011 13:07:56 Reindl Harald wrote:
>>> Am 29.12.2011 12:56, schrieb Leonard den Ottolander:
>>>> On Thu, 2011-12-29 at 12:29 +0100, Reindl Harald wrote:
>>>>> Am 29.12.2011 09:17, schrieb Bennett Haselton:
>>>>>> Even though the ssh key is more
>>>>>> random, they're both sufficiently random that it would take at least
>>>>>> hundreds of years to get in by trial and error.
>>>>> if you really think your 12-chars password is as secure
>>>>> as a ssh-key protcected with this password you should
>>>>> consider to take some education in security
>> It is very inconvenient for people who need to login to their servers
>> from random remote locations (ie. people who travel a lot or work in
>> hardware-controlled environment).
>> Besides, it is essentially a question of overkill. If password is not
>> good enough, you could argue that the key is also not good enough ---
>> two keys (or a larger one) would be more secure. Where do you draw the
>> line?
> When traveling I log in to my home server and work servers with my
> laptop. Its really a *lot* easier than using a bunch of pasword schemes.
Ah, that brings to mind another issue with only passwords:
synchronization. I worked as a subcontractor for a *huge* US co a few
years ago. I've *never* had to write passwords down... but for there, I
had a page of them! Our group's, the corporate test systems, the corporate
*production* systems, and *each* had their own, along with their own
password aging (there was *no* single sign-on), the contracting co's....