Re^2: If you do go with ssh..

Surely it weakens security because a single return is often the first thing Evil People will try if they do manage to get a copy of your private key.

If they've compromised the machine running the SSH client you're in trouble regardless of the authentication method used since the Evil Person can just install a key logger and get your passwords that way.

Comment on Re^2: If you do go with ssh..

Replies are listed 'Best First'.
Re: If you do go with ssh.. by Abigail-II (Bishop) on Apr 04, 2003 at 14:46 UTC
You may be in trouble, yes. But there's a big difference between able to continue the attack right away with a different machine, and being able to install software, log and gather data, and come back for a return visit undetected. Captain Picard still prefers his shields being at 40% over switching them off at the first sign of damage. ;-) Abigail	[reply]
Re^2: If you do go with ssh.. by adrianh (Chancellor) on Apr 07, 2003 at 09:08 UTC
True ;-) I'm certainly not advocating empty passwords.	[reply]