Answer the question
In order to leave comments, you need to log in
V
V
Vincent12018-12-16 09:43:16
Vincent1, 2018-12-16 09:43:16
Why is SSH key authorization considered more secure than a password?
The key file can be stolen from a computer, phone or flash drive. For example, I store some keys in my phone. Passwords, on the other hand, can only be stored in the head, and therefore it is more difficult to steal them.
Here I have a question - why is SSH authorization by key considered safer than a password?
brute force is very unlikely: ssh on a non-standard port + fail2ban
1 answer(s)
@chupasaurus
C
chupasaurus, 2018-12-16 @chupasaurus
Because:
- The probability of a successful key brute force is extremely small, unlike
- Private keys must be stored in encrypted form, and preferably in specially designated hardware keys.
- There are measures against thermorectal cryptanalysis in the form of SSH CA and, accordingly, the transformation of keys into a kind of SSL certificates
brute force is very unlikely: ssh on a non-standard port + fail2banAny RCE vulnerability in the application on the server will allow poking into the ssh server past fail2ban in the absence of isolation.
Similar questions
S
P
M
A
E
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question