[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 2 Feb 2007 13:01:47 -0500
From: "Stan Bubrouski" <stan.bubrouski@...il.com>
To: "Tyop?" <tyoptyop@...il.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: (Psexec on *NIX)
On 2/2/07, Tyop? <tyoptyop@...il.com> wrote:
>
> key-based login without passphrase is like eating cheese without
> bred. useless (IMHO).
>
Totally, if someone compromises the machine and gets root they get all
your keys and without a passphrase... yeah no good.
> > - - With a little bit of configuration, it's easy to figure out which
> > key was used to login to an account; the audit trail can be managed
> > that way.
> > - - Managing which users have access to which root accounts is trivial
> > this way: just add or delete their keys from .ssh/authorized_keys[2].
>
> Totally agree.
>
Ditto.
-sb
> --
> Tyop?
> http://altmylife.blogspot.com
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists