Subject: Re: ssh - are you nuts?!?
To: None <,>
From: Tracy J. Di Marco White <>
List: tech-security
Date: 12/17/2000 12:29:05
}To come back on ssh, two other advantadges (forgive my worse English) are
}1) RSA-based host authentication. 

}2) Instead of giving in a username you can also use RSA based authentication
}with a passphrase. It's shortly explained in ssh(1) (man 1 ssh).

As a system administrator, I consider RSA based authentication not so much
of a plus.  I manage systems with up to 45K users, and we mandate decent
passwords.  Using RSA passphrase authentication allows people to circumvent
our password rules, and in fact allows them to choose to have no passphrase
at all.  We use kerberos, and kerberos encrypted telnet offers some moderate
amount of encryption.

Tracy J. Di Marco White
Project Vincent Systems Manager