Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- empty passphrases ...
- Micha¬≥ Kurowski
March 3, 2004, 7:44 pm
rate this thread
The problem is widely known, certainly - I would want to hear your
How to you disable empty passphrases on private keys ?
I have some users with WinSCP clients on publically available
accounts. They have a habit of enabling "stored sessions" in it and it
seems to me it posses a real security risk ...
On the other hand I would like to have key-based logins enabled - it
is needed for many administrative tasks.
What are the options ?
- Richard E. Silverman
March 3, 2004, 7:58 pm
Re: empty passphrases ...
MK> Hi, The problem is widely known, certainly - I would want to hear
MK> your opinion.
MK> How to you disable empty passphrases on private keys ?
You don't -- any more than you can "disable" the use of passwords which
have been written on Post-It(tm) notes stuck to the user's monitor. This
is a client-side implementation detail which is completely invisible to
the SSH server. You simply have to recommend your users not do it, and
perhaps monitor their compliance on the client side if feasible and
appropriate. You cannot enforce it from via the server.
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum