... darkrealms ...

Cooperative anarchy at its finest, still active today. Darkrealms is the Zone 1 Hub.

RBERRYPI

Support for the Raspberry Pi device

21,939 messages

[ << oldest | < older | list | newer > | newest >> ]

Message 19,286 of 21,939

Chris Green to Richard Kettlewell

Re: It is now very nearly impossible to

31 Jan 24 14:40:26

   INTL 3:770/1 3:770/3   
   REPLYADDR cl@isbd.net   
   REPLYTO 3:770/3.0 UUCP   
   MSGID:  8892dfcd   
   REPLY:  14fb00b7   
   PID: SoupGate-Win32 v1.05   
   Richard Kettlewell  wrote:   
   > Chris Green  writes:   
   > > Scott Alfter  wrote:   
   >   
   > >> For remote access (to a headless box or otherwise), you should be   
   > >> using key-based authentication anyway and should disable password   
   > >> authentication in sshd.   
   > >   
   > > Why specifically?   
   > >   
   > > One argument against using key based authentication (in my case   
   > > anyway) is that my home desktop and my laptop (which are the ssh   
   > > clients) are turned on and logged-into just about all the time. Thus,   
   > > with the default log-in key used for authentication, all my remote   
   > > systems would be accessible to someone just walking up to desktop or   
   > > laptop.   
   >   
   > If an attacker can just walk up to your computer and run commands on it   
   > then they will install a keylogger and they will have any passwords you   
   > use next time you type them.   
   >   
   That requires a knowledgeable attacker, just connection to a remote   
   doesn't.   
      
      
   > There are things you can do about this (screen lock, full disk   
   > encryption, etc) but your choices may depend on the nature of the   
   > threat. e.g. a dishonest cleaner could be deterred by a screen lock, but   
   > an abusive partner might respond with violence to any visible security   
   > measures.   
   >   
   Quite.   
      
      
   However this is all quite academic really.  It's security the other   
   way about (**into** my home system) that really matters.   
      
   --   
   Chris Green   
   ·   
      
   --- SoupGate-Win32 v1.05   
    * Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)   
   SEEN-BY: 10/0 1 15/0 90/1 103/705 105/81 106/201 128/260 129/305 135/225   
   SEEN-BY: 153/757 7715 218/0 1 601 700 840 870 930 220/70 221/1 6 226/17   
   SEEN-BY: 226/30 100 227/114 229/110 112 113 200 206 307 317 400 426   
   SEEN-BY: 229/428 470 550 616 664 700 240/1120 266/512 267/800 282/1038   
   SEEN-BY: 291/111 292/854 301/1 113 812 310/31 320/219 322/757 335/364   
   SEEN-BY: 341/66 342/200 396/45 460/58 633/280 712/848 770/1 3 100   
   SEEN-BY: 770/330 340 772/210 220 230 5020/400 1042 5058/104 5075/35   
   PATH: 770/3 1 218/840 221/6 301/1 218/700 229/426

[ << oldest | < older | list | newer > | newest >> ]