G T Smith wrote:
Rajko M. wrote:
On Friday 28 November 2008 07:33:01 am G T Smith wrote:
I would agree, that if you have a regular need for ssh access from an external location that this is the preferable authentication mechanism, though a slight case of overkill for a small home network for mainly internal use. In any network it is more convenient to have keypair authentication, than to type passwords all the time. One time more work and then enjoy.
I would generally prefer the password protected key option (to use the key you have to authenticate with a password), which is same difference in the latter context. The thing about household or computer keys (like single socks, paper clips, and pens) is they can get lost, usually when you most need them :-) . If the wrong person gets the lost key then you could be toast if the key is not protected.
For private use I tend to prefer password, entry plus blocks on external firewall as I have very little call for external ssh access at the moment. On the very rare occasions I think I will need it (once in the last 12 months or so), I set up the port to be opened at external firewall at a fixed time for a fixed time. (The key is in your head, and if you loose that you have other things to worry about :-) ). I allow passwords on my local computers, as well as public/private keys. However, my firewall is key only.
-- Use OpenOffice.org <http://www.openoffice.org> -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org