[Systems] [Fwd: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30]

Sascha Silbe sascha-ml-reply-to-2011-4 at silbe.org
Mon Oct 17 15:58:19 EDT 2011


Excerpts from Bernie Innocenti's message of 2011-10-13 22:33:25 +0200:

> Some form of TOP would make sense for us sysadmins.
[TOP = two-factor authentication?]

I don't consider it worth the trouble to add more authentication hurdles
on the server side. We can encourage all admins to use a hardware token
(like the Gemalto USB Shell Token V2 + OpenPGP v2 smart card I'm using),
but anything else will only make it more annoying to connect to the
servers, not any more secure. If anyone has access to your private key,
they have already won. They can sniff the keyboard, hijack ssh sessions,
etc.pp. The only thing the hardware token really helps with is removing
the need to create new keys and re-establish your web of trust, BTW.

The only way to make it more secure is by making sure attackers don't
get into your account in the first place. Run applications processing
foreign data - especially complex ones like web browsers - in isolation
shells (read: Rainbow), encrypt your hard disk, make sure you always
leave the screen locked when you're afk, check for (commercial grade)
hardware key sniffers, etc.

Sascha

-- 
http://sascha.silbe.org/
http://www.infra-silbe.de/