[clug] shimmer alternative SPA
Alex Satrapa
grail at goldweb.com.au
Thu Jul 10 00:37:50 GMT 2008
On 10/07/2008, at 09:10 , Daniel Black wrote:
> Though really you could just use ssh keys and disable password
> authentication if you've got the resources to install arbitrary
> software keys on the computers that need access.
Which raises the issue of cracking ssh keys being easier (the hard
part is stealing the thumb drive with the private key on it) than
cracking passwords (you can put a retry limit on the server).
Remember, time to crack a security mechanism is linearly proportional
to how many attempts you can make per unit time. On a desktop PC you
can make thousands of attempts per minute to break a private key,
while your attempts per minute to crack a password are restricted by
the target's security policy - if the security policy is tight enough
you'll be locked out for days for getting the password wrong too many
times.
Alex