[clug] shimmer alternative SPA

Alex Satrapa grail at goldweb.com.au
Thu Jul 10 00:37:50 GMT 2008

On 10/07/2008, at 09:10 , Daniel Black wrote:

> Though really you could just use ssh keys and disable password  
> authentication
> if you've got the resouces to install arbitary sofware keys on the  
> computers
> that need access.

Which raises the issue of cracking ssh keys being easier (the hard  
part is stealing the thumb drive with the private key on it) than  
cracking passwords (you can put a retry limit on the server).

Remember, time to crack a security mechanism is linearly proportional  
to how many attempts you can make per unit time. On a desktop PC you  
can make thousands of attempts per minute to break a private key,  
while your attempts per minute to crack a password is restricted by  
the target's security policy - if the security policy is tight enough  
you'll be locked out for days for getting the password wrong too many  


-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 220 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/linux/attachments/20080710/95954a93/PGP.bin

More information about the linux mailing list