<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></head><body ><div>When I say keys, I mean hashed keys (per my article).</div><div><br></div><div>1. The private keys on a server are indeed hashed, so the user has to enter their password to decrypt them on the server, so that the session key can fire up. The attacker needs both remote access and an exploit to ssh to steal your password. I am comfortable with that.</div><div><br></div><div>Client reverse auth can make this even more challenging.</div><div><br></div><div>1. Use of multiple servers for a single application has become much more common. Different keys for different servers (or classes), is do-able. Less is the problem of multiple users per system (in Yoda voice).</div><div><br></div><div>Finally, I know too much about security, but slowing projects down, is not fun to me. I prefer to get stuff done, fast.</div><div><br></div><div>Ssh keys truly offer both. Faster, more secure, more options (client auth).</div><div><br></div><div>As a final note, on speed and security. I am not sure what the group's opinion is on Lastpass, but I have developed a very effective personal security system based on last pass and Yubikey. This has literally changed my life ;-)</div><div><br></div><div>http://crunchtools.com/last-pass-with-yubikey</div><div><br></div><div><br></div><div><div style="font-size:8px;color:#575757">Sent from my Verizon Wireless 4G LTE smartphone</div></div><br><br><div>-------- Original message --------</div><div>From: Rob Funk <rfunk@funknet.net> </div><div>Date:05/23/2014 7:38 PM (GMT-05:00) </div><div>To: Central OH Linux User Group - 432xx <colug-432@colug.net> </div><div>Subject: Re: [colug-432] password survey </div><div><br></div>On Friday, May 23, 2014 09:57:39 AM Rob Funk wrote:<br>> Scott McCarty wrote:<br>> > Personally, I do not consider hashing of any kind secure because it<br>> > is plausible to crack some of the passwords. Worse, it's a moving<br>> > target with ASICs and video cards cracking faster, and faster. I am<br>> > not trying to preach, but prefer keys, and session encryption for<br>> > anything production. By very nature, keys are two factor and revocable.<br><br>One more thing on this one: With keys, the server software needs access to <br>the key, which means that anyone who can crack that software gets the key <br>and therefore all the plaintext passwords. With hashes, the server software <br>only gets access to individual plaintext passwords long enough to hash them, <br>so there's no way to lose everything in one fell swoop.<br><br><br>> The problem with using symmetric encryption for passwords is that each<br>> account now has two ways of getting in: knowing/cracking the password,<br>> and knowing/cracking the encryption key. And unlike with hashing, if<br>> that encryption key is stolen then everyone's passwords are exposed.<br>> Generally it's not considered a good idea for anyone to get access to<br>> plaintext passwords. (Authentication protocols that involve passing<br>> the hashed password across the wire complicate things though, since<br>> the protocol does need access to the plaintext password.)<br><br>-- <br>Rob Funk<br>http://funknet.net/rfunk<br><br>_______________________________________________<br>colug-432 mailing list<br>colug-432@colug.net<br>http://lists.colug.net/mailman/listinfo/colug-432<br></body>