Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: Re: Why Install Telnet by Default?
  • From: Henning Hucke <h_hucke@xxxxxxxxxxxxxxxx>
  • Date: Fri, 9 Dec 2005 07:18:50 +0100 (CET)
  • Message-id: <Pine.LNX.4.58.0512090714460.24248@xxxxxxxxxxxxxxxx>
On Thu, 8 Dec 2005, Randall R Schulz wrote:

> [...]
> I'm surprised so many very security-conscious people think that
> passwordless is such a good thing. Now you've made physical access to
> your computer all that is required to gain access to all the other
> hosts for which you've set up passwordless access. What's more, from
> the perspective of the administrators of those systems, it's you who
> has accessed their resources and you'll get the blame, at least
> initially, for any malicious actions.

Erm... Passwordless access to the other computers implies in the case of
SSH that you first enable the necessary keys with your passphrase for
your session. And even this you can cut down to the need to /regularly/
reauthenticate.

I don't get your point though.

Best regards
Henning Hucke
--
Semiconductor: part time band leader

< Previous Next >
Follow Ups