1 |
On Wed, 11 Oct 2006 at 19:53, Dice R. Random wrote: |
2 |
> The danger with key-only auth, IMO, is that if your workstation is |
3 |
> compromised, even just the user account, an attacker can copy your |
4 |
> private key and gain root access to the server. Of course your user |
5 |
|
6 |
Only if they also break the encryption on your private key. A good |
7 |
passphrase should make that take long enough to be impractical. Or if |
8 |
you are worried, gen a new key every X months... |
9 |
|
10 |
--David |
11 |
-- |
12 |
gentoo-server@g.o mailing list |