Mailinglist Archive: opensuse (1986 mails)
Re: [opensuse] Results of moving ssh to a high port - Zero scriptkiddies in a 24 hour period.
- From: Tero Pesonen <mlist-suse@xxxxxxxxxxxx>
- Date: Sat, 29 Nov 2008 17:37:14 +0200
- Message-id: <200811291737.14767.mlist-suse@xxxxxxxxxxxx>
On Saturday 29 November 2008, Rajko M. wrote:
>> For private use I tend to prefer password entry plus blocks on
>> external firewall as I have very little call for external ssh
>> access at the moment. On the very rare occasions I think I will
>> need it (once in the last 12 months or so), I set up the port to be
>> opened at external firewall at a fixed time for a fixed time. (The
>> key is in your head, and if you lose that you have other things to
>> worry about :-) ).
>
> Sure, under some circumstances :-D
> Under normal conditions, it is not so hard to trick yourself and
> forget an easy-to-remember password. I did that a few times creating
> passwords for others. Luckily I know more than one way to recover
> from that kind of problem, otherwise it would be a real embarrassment.

For less often used passwords, or for those that are of high quality and
thus difficult to remember unless used often, such
as "LnhU34p3Olxm7yXKtns92", and the like, I recommend a
password "safe" -- a plain ASCII text file where they are written.
Encrypt it symmetrically (or asymmetrically if you need not access it
anywhere where you might not have your private key at hand) with GPG
with a very good password that you have learnt well, and put the file
somewhere where you can find it when needed, such as your FTP site,
your online backup service, CD, USB stick... wherever necessary so you
will not lose it.

And when someone comes to you asking "what that password was again", you
can look it up in that file -- or use it when you forget one of your
own passwords.

This approach also allows you to regenerate those passwords regularly,
which you are less likely to do if you absolutely have to remember them
all.

A similar file is handy for all those login username / password pairs
you need for every possible site these days. When I need to log in to
site X, I just write "gpg -d ~/pwsafe.gpg" and copy-paste.

Regards,
Tero Pesonen
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx
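
The workflow described in the message above, as an added example that is not part of the original post: shell helpers that append to and query a symmetric GPG password file without ever writing the plaintext to disk, and that print one entry instead of the whole file. The one-entry-per-line layout (fields without whitespace), the function names and the `PWSAFE_PASSFILE` test hook are assumptions; it needs GnuPG 2.1 or later.

```shell
#!/bin/sh
# Added example: helpers around a symmetric GPG password file.
# Assumed layout (not from the post): one "site username password" per line.
PWSAFE="${PWSAFE:-$HOME/pwsafe.gpg}"

# Run gpg; if PWSAFE_PASSFILE is set (hypothetical hook for unattended
# tests only), take the passphrase from that file instead of prompting.
_gpg() {
    if [ -n "${PWSAFE_PASSFILE:-}" ]; then
        gpg --quiet --batch --pinentry-mode loopback \
            --passphrase-file "$PWSAFE_PASSFILE" "$@"
    else
        gpg --quiet "$@"
    fi
}

# Encrypt stdin into the safe. Plaintext is only ever piped, never written
# to disk; the ciphertext is built beside the safe and renamed into place.
pwsafe_write() (
    umask 077
    tmp="$PWSAFE.tmp.$$"
    if _gpg --yes --symmetric --cipher-algo AES256 --output "$tmp"; then
        mv -f "$tmp" "$PWSAFE"
    else
        rm -f "$tmp"
        exit 1
    fi
)

# pwsafe_add SITE USER  (password is read from stdin, not from argv)
pwsafe_add() {
    IFS= read -r pw || [ -n "$pw" ] || return 1
    old=""
    if [ -f "$PWSAFE" ]; then
        # Stop if the old safe cannot be decrypted, so a mistyped
        # passphrase never replaces it with a one-entry file.
        old=$(_gpg --decrypt "$PWSAFE") || return 1
    fi
    { [ -z "$old" ] || printf '%s\n' "$old"
      printf '%s %s %s\n' "$1" "$2" "$pw"; } | pwsafe_write
}

# pwsafe_get SITE  prints "user password" for that site only.
pwsafe_get() {
    _gpg --decrypt "$PWSAFE" |
        awk -v s="$1" '$1 == s { print $2, $3; hit = 1 } END { exit !hit }'
}
```

Used interactively, gpg prompts for the passphrase through pinentry; leave `PWSAFE_PASSFILE` unset outside of tests, since a passphrase stored in a file defeats the point of the safe.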