SLUG Mailing List Archives
Re: [SLUG] Perl/SSH Problem
- To: slug@xxxxxxxxxxx
- Subject: Re: [SLUG] Perl/SSH Problem
- From: jam@xxxxxxxxx
- Date: Fri, 3 Nov 2006 21:04:26 +0800
- User-agent: KMail/1.9.1
On Friday 03 November 2006 20:14, slug-request@xxxxxxxxxxx wrote:
> > Why Choose not to use ssh keys.
> > The default is to both allow passwords, and/or keys.
> I use SSH keys on many servers, but there are a bunch in this group
> where the admins have *blocked* use of SSH keys and thus I would like
> to have a system that works for ALL servers, and the only way I can
> see that happening is by letting the script send the password when
> prompted for it.
> > You don't need root access to create a passwordless login (providing the
> > admin's haven't explicitly changed the default).
> I know, but imagine asking a server admin in a company where there are
> lots of policies, bla bla, if I can have a passwordless login on an
> account with special sudo privileges :)
> > Now the reason I suggested that is Net::SSH (Which cannot use passwords
> > for login) uses Filehandles for reading and writing, so expect should
> > "just work"(tm).
Passwdless login is infinitly better than passwd infact on my system:
with say 1024bit key and say 10^6 tries per second lets see ...
1024 log (2) / 10^6 is say 10^300 years to crack! Much better than any 10 char
The weak link is storing YOUR private key. The rest is secure.
Infact I'll TELL you my root passwd and you still can't get in