[kwlug-disc] Curious about SSH Key security
Raul Suarez
rarsa at yahoo.com
Fri Jul 23 23:17:39 EDT 2010
After following the threads on SSH security and how using Keys is more secure and simple in the long run, I got curious about something.
Please illuminate me:
Security traditionally should depend on something you are (identity), something you have (key, card, etc) and something you know (password).
If you use keys without password you are depending on something you have.
Knowing also that you are just as secure as the weakest link.
Would using keys only dilute security as now you need to depend on securing the keys on every computer?
If someone breaks into one of the computers that has the key, wouldn't you be exposing the server?
Raul Suarez
Technology consultant
Software, Hardware and Practices
_________________
Twitter: rarsamx
http://rarsa.blogspot.com/
An eclectic collection of random thoughts
More information about the kwlug-disc
mailing list