[CentOS] ultrasecure sshd server

Fri Jun 10 19:27:39 UTC 2011
Les Mikesell <lesmikesell at gmail.com>

On 6/10/2011 2:09 PM, Craig White wrote:
>
> On Jun 10, 2011, at 12:04 PM, Ljubomir Ljubojevic wrote:
>
>> Les Mikesell wrote:
>>
>>> That's just normal behavior when both are enabled.  If the key works,
>>> you don't get the password prompt.  But even in the 'ultrasecure'
>>> scenario of requiring both, do you really want people typing their
>>> passwords on equipment that might have a keylogger running?
>>>
>>
>> One scenario is business customers I maintain. They are almost all on my
>> network, and I have servers I maintain/admin 400 km away that are not
>> mine. When I am logged in there, or on-site, I often need to pull some data
>> from my main server. Sometimes FTP is enough, but sometimes I need to
>> use SFTP or SCP to access sensitive scripts, or to login (when I am
>> on-site on far away network).
>>
>> How do you propose that I use key-only auth? To copy my sensitive key
>> onto their system? Or is it better in that case to just use password
>> auth? I avoid using my passwords on infected systems, or without proper
>> protection, but on safe systems it is better to use passwords than keys.
>>
>> And of course, I have a brother with root access that does not own a
>> laptop. And if I even tried to force him to use keys for every
>> connection, I would have a blue eye in a matter of days ;-)
> ----
> put your private key(s) on a USB flash drive and use the '-i' option w/ ssh
>
> Heavily recommend that you use passwords to protect your keys though

If you knew someone was going to do that on a machine you controlled, 
would you be able to capture both the key and the password keystrokes?

A one-time password might be a better approach.  We use Juniper's SSL 
VPN with keyfob cryptocards for remote connections but another part of 
the company maintains it and I don't know what it costs.

-- 
   Les Mikesell
     lesmikesell at gmail.com
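As an added illustration of the "require both" setup the thread argues about (not from any poster in this thread): an sshd_config fragment that demands a public key *and* a one-time code delivered through PAM, so a keylogger on the remote machine captures only a code that is already spent. It assumes OpenSSH 6.2 or later for AuthenticationMethods (CentOS 6's OpenSSH 5.3 does not have it) and a PAM OTP module already configured for sshd.

```conf
# /etc/ssh/sshd_config (added example; assumes OpenSSH >= 6.2 and a PAM OTP module)

# Keys stay mandatory; a stolen key alone is not enough.
PubkeyAuthentication yes

# Plain passwords are off, so a captured password is never the whole secret.
PasswordAuthentication no

# Route the second factor through PAM (OTP module configured in /etc/pam.d/sshd).
ChallengeResponseAuthentication yes
UsePAM yes

# Both must succeed, in this order: key first, then the one-time code.
AuthenticationMethods publickey,keyboard-interactive

# Only root-owned admin accounts get in at all; everything else is refused.
AllowGroups wheel
```

After editing, check the running daemon with `sshd -T | grep -i authenticationmethods` before closing your existing session, since a typo here locks everyone out.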