Tugger the SLUGger! SLUG Mailing List Archives

Re: [SLUG] Perl/SSH Problem

On 04/11/06, Adam Kennedy <adam@xxxxxxxxxxx> wrote:

> I always thought the problem with keys and passwordless login was that
> you end up with cascading exploits.
>
> If I login from box A --> box B with keys, and someone hacks box A, then
> they automatically have access to box B, and C, and D and anything else
> I use keys on.

1. That's what strong pass-phrases are used for - to limit the access to the
private key.
2. You could say "sure - so you replace the password by a pass-phrase" but
you'd still need the private key, which is never transferred over the net.
3. You can allow access for multiple keys into the same account - therefore
you can trace which key was used to login and track it back to the origin
and/or remove it if it was compromised (or do stuff like limit the commands
a key authorizes, or pair keys with originating ssh clients). On the other
hand you can't have multiple, traceable passwords to a UNIX account.

> With passwords, at least that isn't a problem (assuming you aren't a
> complete idiot and have the same password for everything).

With passwords it's enough to know (or guess) a relatively short string in
order to gain access. With keys protected by a pass-phrase you'll need a
string AND the unencrypted content of a file which should never leave the
local disk.
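Point 3 above (one key per origin, traceable from the server's log, with command= and from= restrictions on the key) can be checked mechanically. The following is an added example, not code from this thread: it parses an authorized_keys file, computes each key's SHA256 fingerprint the way OpenSSH does (unpadded base64 of the SHA-256 of the raw key blob), and ties sshd's "Accepted publickey ... SHA256:..." log lines back to the key comment and its restrictions. The key blobs and log lines are constructed sample data, not real keys or real logs.

```python
import base64, hashlib, re
from fnmatch import fnmatch

# authorized_keys line: [options] key-type base64-blob [comment]; option values may contain quoted spaces
KEY_RE = re.compile(r'^\s*(?!#)(?:(?P<opts>(?:[^\s"]|"(?:[^"\\]|\\.)*")+)\s+)?'
                    r'(?P<type>(?:ssh|ecdsa|sk)-\S+)\s+(?P<blob>\S+)(?:\s+(?P<comment>.*))?$')
OPT_RE = re.compile(r'([\w-]+)(?:="((?:[^"\\]|\\.)*)")?')
LOG_RE = re.compile(r'Accepted publickey for (\S+) from (\S+) port \d+ ssh2: \S+ (SHA256:\S+)')

def fingerprint(blob_b64):
    """OpenSSH SHA256 fingerprint: unpadded base64 of sha256 over the raw key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_authorized_keys(text):
    """Map fingerprint -> {"comment", "options"} for every key line (blank and '#' lines skipped)."""
    keys = {}
    for m in filter(None, map(KEY_RE.match, text.splitlines())):
        opts = dict(OPT_RE.findall(m.group("opts"))) if m.group("opts") else {}
        keys[fingerprint(m.group("blob"))] = {"comment": m.group("comment") or "", "options": opts}
    return keys

def attribute_logins(authorized_keys, log_lines):
    """Tie each sshd 'Accepted publickey' line back to the key that was used and its restrictions."""
    keys, out = parse_authorized_keys(authorized_keys), []
    for m in filter(None, map(LOG_RE.search, log_lines)):
        user, src, fp = m.groups()
        key = keys.get(fp)
        rec = {"user": user, "src": src, "fingerprint": fp, "known": key is not None}
        if key:
            allowed = key["options"].get("from")  # e.g. from="10.0.0.5,*.example.org"
            rec.update(comment=key["comment"], command=key["options"].get("command"),
                       src_allowed=allowed is None or any(fnmatch(src, p) for p in allowed.split(",")))
        out.append(rec)
    return out

# Constructed sample data: the blobs are arbitrary bytes, not real public keys, and the
# log lines are built from their computed fingerprints so the example runs offline.
def fake_blob(seed):
    return base64.b64encode(hashlib.sha256(seed.encode()).digest() * 2).decode()

AUTHORIZED_KEYS = "\n".join([
    'from="10.0.0.5",command="/usr/bin/rsync --server -a . /backup" ssh-ed25519 %s backup@boxA' % fake_blob("boxA"),
    'ssh-ed25519 %s adam@laptop' % fake_blob("laptop"),
])
SAMPLE_LOG = [
    "Nov  4 10:01:02 boxB sshd[123]: Accepted publickey for adam from 10.0.0.5 port 40001 ssh2: ED25519 " + fingerprint(fake_blob("boxA")),
    "Nov  4 10:05:09 boxB sshd[124]: Accepted publickey for adam from 203.0.113.9 port 40002 ssh2: ED25519 " + fingerprint(fake_blob("laptop")),
    "Nov  4 10:07:00 boxB sshd[125]: Accepted publickey for adam from 198.51.100.2 port 40003 ssh2: ED25519 SHA256:NotInAuthorizedKeys",
]
```

A login whose fingerprint is not in the file, or whose source address falls outside the key's from= pattern, is exactly the record you would want to investigate and, if the key has been compromised, the single line you remove.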