Break-In Attempt -- Now What?

Robert Brockway rbrockway-wgAaPJgzrDxH4x6Dk/4f9A at public.gmane.org
Sat Dec 4 10:54:09 UTC 2004


On Tue, 30 Nov 2004, Taavi Burns wrote:

> On 30 Nov 2004 15:59:40 -0500, Tim Writer <tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org> wrote:
>> Alex Beamish <talexb-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> writes:
>> Even better is to disable password based logins, allowing only key based
>> logins.  This secures you against dictionary based attacks.  Barring flaws in
>> ssh itself, an attacker would need your private ssh key and associated pass
>> phrase to get into your computer via ssh.
>
> Just the private ssh key, afaik.  Now, to GET the private ssh key, an attacker
> would need to get access to your key file (which would be located on a USB
> memory stick or laptop or wherever you're logging in FROM) AND your
> associated passphrase in order to decrypt the key file (key file + passphrase
> = private key).
>
> At least that's my understanding. :)

Hi Taavi.  Both the private key and the passphrase are needed to effect a 
break in, in this manner.  This is the point, otherwise ssh would not
bother with passphrases (you can use null passphrases for automated 
connections but this lowers the bar when it comes to security).

Cheers,

Rob

-- 
Robert Brockway B.Sc.
Senior Technical Consultant, OpenTrend Solutions Ltd.
Phone: 416-669-3073 Email: rbrockway-wgAaPJgzrDxH4x6Dk/4f9A at public.gmane.org http://www.opentrend.net
OpenTrend Solutions: Reliable, secure solutions to real world problems.

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list