Bitcoin Forum
December 05, 2016, 12:53:05 PM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 [3]  All
  Print  
Author Topic: [SOLVED] Help with Ubuntu + MySQL  (Read 3427 times)
Bitsky
Hero Member
*****
Offline Offline

Activity: 542


View Profile
August 03, 2011, 10:56:50 PM
 #41

I guess I don't understand the point of authenticating with a key vs a really long complicated password.  Aren't they both effectively the same thing?  And if I authenticated with a key, I would need a keyfile, right?  Which would require that I keep a keyfile on my person whenever I wanted to access the server, whereas right now, I have the password almost memorized (a few more entries should do the trick).
You would generate a private/public key pair and place the public key on the server. The private key (which should be protected with a passphrase) stays on your PC. When you log in, no password will ever be transferred. The more servers you have, the nicer it is. As long as your pubkey is on it, you can log in with your passphrase. I wouldn't want to carry around 2-3 pages of passwords to do my daily work. Just store your private key along with your portable Bitcoin in a Truecrypt container on your usb stick.

Bounty: Earn up to 68.7 BTC
Like my post? Feel free to drop a tip to 1BitskyZbfR4irjyXDaGAM2wYKQknwX36Y
1480942385
Hero Member
*
Offline Offline

Posts: 1480942385

View Profile Personal Message (Offline)

Ignore
1480942385
Reply with quote  #2

1480942385
Report to moderator
1480942385
Hero Member
*
Offline Offline

Posts: 1480942385

View Profile Personal Message (Offline)

Ignore
1480942385
Reply with quote  #2

1480942385
Report to moderator
1480942385
Hero Member
*
Offline Offline

Posts: 1480942385

View Profile Personal Message (Offline)

Ignore
1480942385
Reply with quote  #2

1480942385
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1480942385
Hero Member
*
Offline Offline

Posts: 1480942385

View Profile Personal Message (Offline)

Ignore
1480942385
Reply with quote  #2

1480942385
Report to moderator
SgtSpike
Legendary
*
Offline Offline

Activity: 1344



View Profile
August 03, 2011, 11:19:04 PM
 #42

I guess I don't understand the point of authenticating with a key vs a really long complicated password.  Aren't they both effectively the same thing?  And if I authenticated with a key, I would need a keyfile, right?  Which would require that I keep a keyfile on my person whenever I wanted to access the server, whereas right now, I have the password almost memorized (a few more entries should do the trick).
You would generate a private/public key pair and place the public key on the server. The private key (which should be protected with a passphrase) stays on your PC. When you log in, no password will ever be transferred. The more servers you have, the nicer it is. As long as your pubkey is on it, you can log in with your passphrase. I wouldn't want to carry around 2-3 pages of passwords to do my daily work. Just store your private key along with your portable Bitcoin in a Truecrypt container on your usb stick.
So it's a bit like having a password protected by a password then?

I don't carry a USB stick with me... nor do I carry pages of passwords with me.  I won't go into details about my methods of saving them here though.

Guess it's just one of those different strokes for different folks thing.  As long as the password isn't transmitted in plaintext for an SSH session, then I don't see why it wouldn't be a perfectly secure way of accessing a server.
BCEmporium
Legendary
*
Offline Offline

Activity: 938



View Profile
August 03, 2011, 11:36:39 PM
 #43

Actually his method is one password, after one password and then one password.  Grin

Pass#1: To open your truecrypt container
Pass#2: PK password.
Pass#3: Your remote login. (optional, as the key pair can perform auth on their own, but you might want to su to other account)

Because he is a "security guy", probably he is using one of those password managers/generators. Which means that if you get his PC and manage to get and brutteforce his "password manager" along with his PK, you get all in one place to enter on every place he can. Surplus! Because there's no way he can remember (in the braincells) the user/pass combos he has in his password manager, you can just delete its database to lock the owner outside of his own property.
(Isn't paranoia b-e-a-u-t-i-f-u-l or what?)
SgtSpike
Legendary
*
Offline Offline

Activity: 1344



View Profile
August 03, 2011, 11:53:40 PM
 #44

Actually his method is one password, after one password and then one password.  Grin

Pass#1: To open your truecrypt container
Pass#2: PK password.
Pass#3: Your remote login. (optional, as the key pair can perform auth on their own, but you might want to su to other account)

Because he is a "security guy", probably he is using one of those password managers/generators. Which means that if you get his PC and manage to get and brutteforce his "password manager" along with his PK, you get all in one place to enter on every place he can. Surplus! Because there's no way he can remember (in the braincells) the user/pass combos he has in his password manager, you can just delete its database to lock the owner outside of his own property.
(Isn't paranoia b-e-a-u-t-i-f-u-l or what?)
Lol, I think I'm gonna have to side with you on this one.  Wink  I do appreciate having both of your opinions on the matter though.
Bitsky
Hero Member
*****
Offline Offline

Activity: 542


View Profile
August 04, 2011, 06:31:51 PM
 #45

@BCEmporium
You really think I'll go down to that level of yours now? You win, you're the greatest. If that gets you off, I'm glad I could help.  Roll Eyes

Bounty: Earn up to 68.7 BTC
Like my post? Feel free to drop a tip to 1BitskyZbfR4irjyXDaGAM2wYKQknwX36Y
BCEmporium
Legendary
*
Offline Offline

Activity: 938



View Profile
August 04, 2011, 07:51:42 PM
 #46

Believe that "paranoia" and general impractical "security" isn't security, at the best it counts as a nag, isn't "going down" anywhere.

Engineering is all about allocate the appropriate means and measures to a specific desirable end. NO MORE NO LESS! You don't see airplanes made of paper nor planes made of steel.
Pages: « 1 2 [3]  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!