Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] SuSE security reputation, etc..
  • From: dproc@xxxxxxx
  • Date: Mon, 7 Aug 2000 18:10:02 -0400
  • Message-id: <20000807181002.A6867@xxxxxxxxxxxxxxx>
On Mon, 07 Aug 2000, Kurt Seifried wrote:

> for the filename (like pam_listfile). Voila. No mods to daemons needed,
> power users happy, normal users blissfully unaware (unless they look into
> pam config files and actually make changes).
>
> > It's nice project, though. Would you want to hack and maintain a set
> > of patches that resolve these problems in a few packages?
>
> PAM! use the PAM!. =)
>
> -Kurt

None of this works without the vows and good intentions we talked
about.

I don't trust myself to use different passwords for different
services. Or accidentally punch in the wrong one. How many of your
trusted sysadmins will use the same password, or just change it by one
or two characters, for ssh, ftp etc?

Didn't someone earlier in the thread suggest disabling password
authentication in ssh, and using only RSA public key authentication?
Is there any reason why we cannot all use that (of course for
commercial use in the USA we have to buy the license or wait for the
patent to expire?)

dproc


< Previous Next >