Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [Full-disclosure] [Full-Disclosure] (Psexec on *NIX)
From: Stan Bubrouski (stan.bubrouskigmail.com)
Date: Fri Feb 02 2007 - 12:01:47 CST
On 2/2/07, Tyop? <tyoptyopgmail.com> wrote:
> key-based login without passphrase is like eating cheese without
> bred. useless (IMHO).
Totally, if someone compromises the machine and gets root they get all
your keys and without a passphrase... yeah no good.
> > - - With a little bit of configuration, it's easy to figure out which
> > key was used to login to an account; the audit trail can be managed
> > that way.
> > - - Managing which users have access to which root accounts is trivial
> > this way: just add or delete their keys from .ssh/authorized_keys.
> Totally agree.
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/