[CentOS] what percent of time are there unpatched exploits against default config?
Reindl Harald
h.reindl at thelounge.net
Thu Dec 29 11:29:15 UTC 2011
Am 29.12.2011 09:17, schrieb Bennett Haselton:
> 2. Why have password logins at all? Using a secure ssh key only for
>> logins makes the most sense.
>>
> Well that's something that I'm curious about the reasoning behind -- if
> you're already using a completely random 12-character password, why would
> it be any more secure to use an ssh key? Even though the ssh key is more
> random, they're both sufficiently random that it would take at least
> hundreds of years to get in by trial and error.
because the key is MUCH longer than 12 chars
becasue it is NOT bruteforceable
because brute-force-attacks are trying password-login
if you really think your 12-chars password is as secure
as a ssh-key protcected with this password you should
consider to take some education in security
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20111229/d0d103e2/attachment.sig>
More information about the CentOS
mailing list