On Tue, Jun 05, 2001 at 09:59:49PM -0500, HOEFFNER at dcmir.med.umn.edu wrote: > >Put the public key on your computer at home and set up some automatic > >logins. > >No password involved. Oddly enough it's more secure than passwords. > >Much easier than telnet and very secure. > > Is this really true??? Best practice? > > Seems too good to be true. I've gotten that piece to work, but have shied away > from it cuz it seemed the password challenge would be better. Guess I'm not all > that sure why I thought that, though. There is one caveat: You must generate keys with (good) passphrases. If you leave the passphrase blank, then I tend to agree with you that it's insecure, since access to the key-holding account would give free reign over all accounts that recognize that key (and ~/.ssh/known_hosts would make finding those accounts pretty easy). With a good passphrase, though, the key itself is locked up quite nicely also. Just remember not to walk away while logged in without locking your terminal first. But you do that anyway, right? -- That's not gibberish... It's Linux. - Byers, The Lone Gunmen Geek Code 3.12: GCS d? s+: a C++ UL++++$ P++>+++ L+++>++++ E- W--(++) N+ o+ !K w--- O M- V? PS+ PE Y+ PGP t 5++ X+ R++ tv+ b+ DI++++ D G e* h r y+