|
|
On Fri, 25 Jul 2008 21:26:46 +0100, Ian Rawlings wrote:
> On 2008-07-25, Nix <nix-razor-pit@xxxxxxxxxxxxx> wrote:
>
>> Passwords are definitely crackable: I've seen it done, over and over again.
>> Keys are not, without insane resources.
>
> More to the point, passwords are only more convenient if you are
> logging in from locations on which you don't have the key,
> i.e. machines that aren't under your control, and that's hardly a good
> idea, no amount of random password gibberish will help there. Logging
> in from your own machines with your password-protected keys on them,
> with passwords disabled on the remote server, is the most secure
> option.
>
Perhaps, but another issue with keys is that you could be forced to
disclose the passphrase to your key should you take it through an airport.
With failure to do so leading to detention by the authorities. Compare
that to the password in my head.
I know which I would prefer...
JAB.
--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
St. Andrews, United Kingdom.
|
|