[SAC] Proposal: Keys for SSH logins
Hamish
hamish_b at yahoo.com
Wed Oct 5 10:47:05 EDT 2011
Alex wrote:
> For security reasons it's been suggested we move all of our
> system logins to use SSH keys. Does anyone have any good
> solutions to make this feasible without having to copy keys to
> individual accounts on multiple machines?
>
> Ideally it would be great to disable password based logins
> to help deter sniffing and breaking. It would also make things
> more difficult once someone was in as the password would not be
> known for sudo if they broke in via key (technically possible
> but difficult).
breaking in via key just means breaking in to a developer's
personal machine, which is near impossible to stop.
yes, key+sudo is nice as it is 2-factor (bring something + know
something). but if a developer's computer gets hacked, and pw is
plain text viewable in firefox's saved pw list that gets
defeated... :-(
fyi key-only logins are enforced on some debian servers, see
http://wiki.debian.org/Alioth/SSH
and suggested reading there*. the web form where you upload your
key seems to need a login to view it, but it works well enough.
[*] http://lackof.org/taggart/hacking/ssh/
sourceforge shell access works inside a temporary chroot jail
environment/disposable VM, but I think that's getting too
complicated for us.
see also some recent tips/lessons learned from the kernel.org
people, and the ensuing thread: https://lwn.net/Articles/461237/
Hamish
More information about the Sac
mailing list