SSH login: Keys vs Password

2»

Comments

  • skorousskorous OGSenpai

    @AndrewL64 said:

    @somik said: So people now a days require to be told that something is sarcasm? Just 15 years back, people would know how to properly use sarcasm and you dont have to tell/flag it so both you and the reader knows it is sarcasm.

    The Onion fuming af at this comment right now.

    To be fair, it's often hard to tell the difference between The Onion and most major news outlets over the past few years.

    Thanked by (1)wankel
  • @skorous said:

    @AndrewL64 said:

    @somik said: So people now a days require to be told that something is sarcasm? Just 15 years back, people would know how to properly use sarcasm and you dont have to tell/flag it so both you and the reader knows it is sarcasm.

    The Onion fuming af at this comment right now.

    To be fair, it's often hard to tell the difference between The Onion and most major news outlets over the past few years.

    It's a case of "When you are so good at faking it that people believe you are legit"... Or would it be "Fake it till you make it"?

    I speak fluent sarcasm and broken logic. | I would agree with you, but thæn we’d both be wrong.

  • @carlin0 said:
    The answer is inside you... but it is wrong =)

    Haha!

    Anyhow, of course key + password + port knocking is the best.
    I just use root/toor in case I forget. I'm not an idiot.

  • @hornet said:

    @carlin0 said:
    The answer is inside you... but it is wrong =)

    Haha!

    Anyhow, of course key + password + port knocking is the best.
    I just use root/toor in case I forget. I'm not an idiot.

    I am guessing your email password is "password" and your lowendspirit password is "123456" (like me) :p

    I speak fluent sarcasm and broken logic. | I would agree with you, but thæn we’d both be wrong.

  • My password is "wrong," so if I don't remember it, it tells me: the password is wrong :p

    Thanked by (1)somik

    "How miserable life is in the abuses of power..."
    F. Battiato ---

  • For anyone interested, this is how you setup a ssh TOTP using google authenticator on ubuntu 22.04: https://somik.org/ubuntu-22-04-ssh-totp/

    This only applies all ssh connections to the server using the default /etc/ssh/sshd_config configuration file.

    Thanked by (3)wankel carlin0 IAmNix

    I speak fluent sarcasm and broken logic. | I would agree with you, but thæn we’d both be wrong.

  • SSH keys are definitely more secure, mainly because they don't travel over the network. Try using Ed25519 keys, and for extra security, change the default SSH port.

  • skorousskorous OGSenpai

    @ariellahahn You're new so may not know but it is generally preferable to look at the dates of a thread before resurrecting them. This thread is over two years old.

  • AnthonySmithAnthonySmith AdministratorHosting ProviderOGSenpai

    Necro guard coming in v2

    Thanked by (4)skorous Wolveix jaden WSS

    TierHive - Hourly VPS - NAT Native - /24 per customer - DE, UK, SG, CA, USA x3, FR, AU, PL, NL
    FREE tokens on sign up, try before you buy. | Static Hosting Free for life: https://tierhive.com/static-hosting/

  • @somik said:
    For anyone interested, this is how you setup a ssh TOTP using google authenticator on ubuntu 22.04: https://somik.org/ubuntu-22-04-ssh-totp/

    This only applies all ssh connections to the server using the default /etc/ssh/sshd_config configuration file.

    https://somik.org/SSH & Users/ubuntu-ssh-totp/ perhaps?

  • @TemporiousOne said:

    @somik said:
    For anyone interested, this is how you setup a ssh TOTP using google authenticator on ubuntu 22.04: https://somik.org/ubuntu-22-04-ssh-totp/

    This only applies all ssh connections to the server using the default /etc/ssh/sshd_config configuration file.

    https://somik.org/SSH & Users/ubuntu-ssh-totp/ perhaps?

    Yes, thanks. The url changed when I stopped using WordPress and switched to static sites.

    I speak fluent sarcasm and broken logic. | I would agree with you, but thæn we’d both be wrong.

  • skorousskorous OGSenpai

    @somik said:

    @TemporiousOne said:

    @somik said:
    For anyone interested, this is how you setup a ssh TOTP using google authenticator on ubuntu 22.04: https://somik.org/ubuntu-22-04-ssh-totp/

    This only applies all ssh connections to the server using the default /etc/ssh/sshd_config configuration file.

    https://somik.org/SSH & Users/ubuntu-ssh-totp/ perhaps?

    Yes, thanks. The url changed when I stopped using WordPress and switched to static sites.

    Because it was two years ago. Stahp.

  • WSSWSS OG
    edited July 2

    @somik said:

    @TemporiousOne said:

    @somik said:
    For anyone interested, this is how you setup a ssh TOTP using google authenticator on ubuntu 22.04: https://somik.org/ubuntu-22-04-ssh-totp/

    This only applies all ssh connections to the server using the default /etc/ssh/sshd_config configuration file.

    https://somik.org/SSH & Users/ubuntu-ssh-totp/ perhaps?

    Yes, thanks. The url changed when I stopped using WordPress and switched to static sites.

    That's kind of sad. I've got 24 year old URLs that still work because I cared enough to redirect and rewrite.

    "It's a hard life- to be a stick insect." - Karl Pilkington

  • @WSS said:
    That's kind of sad. I've got 24 year old URLs that still work because I cared enough to redirect and rewrite.

    Can't be bothered. I don't have any other linkbacks to my site either, so not worth the effort. I mostly use it as my own curated tutorial or documentation.

    I speak fluent sarcasm and broken logic. | I would agree with you, but thæn we’d both be wrong.

  • WSSWSS OG

    @somik said:

    @WSS said:
    That's kind of sad. I've got 24 year old URLs that still work because I cared enough to redirect and rewrite.

    Can't be bothered. I don't have any other linkbacks to my site either, so not worth the effort. I mostly use it as my own curated tutorial or documentation.

    Like anybody reads my fucking blog. It's a matter of style.

    Thanked by (1)Wolveix

    "It's a hard life- to be a stick insect." - Karl Pilkington

  • @AndrewL64 said:
    Assuming a really strong password is used, are keys really more secure than passwords for SSH login?

    I have always used keys because it's more convenient but I was just wondering how keys are more secure as compared to an extremely strong password (say, 24 characters long comprising of multiple symbols, uppercase+lowercase alphabets and numbers all mixed up randomly)?

    Less people are going to guess an ssh key because they're long than a random computer plus an ssh key comes from the system you used to generate them

Sign In or Register to comment.