de-peering for security sake

Baldur Norddahl baldur.norddahl at
Sat Dec 26 23:54:33 UTC 2015

On 27 December 2015 at 00:11, Owen DeLong <owen at> wrote:

> No… You are missing the point. Guessing a private key is roughly
> equivalent to guessing a really long
> pass phrase. There is no way that the server side can enforce password
> protection of the private key
> on the client side, so if you are assuming that public-key authentication
> is two-factor, then you are
> failing miserably.

The key approach is still better. Even if the password is 123456 the
attacker is not going to get in, unless he somehow stole the key file.

Technically it is two-factor even if the user made one of the factors
really easy. And that might save the day if you have users that chooses bad

The system is weak in that it is too easy to steal the key file. It is not
unlikely that a user with sloppy passwords is also sloppy with his key file.

Too bad ssh does not generally support a challenge-response protocol to a
write only hardware key device combined with server side passwords that can
be checked against a blacklist.



More information about the NANOG mailing list