securing sshd

Jerry gesbbb at
Sat Mar 20 16:14:20 UTC 2010

On Sat, 20 Mar 2010 16:32:28 +0100
Erik Norgaard <norgaard at> articulated:

> > * Disabled password logins completely, and to only allow public key
> > authentication  
> This seems good for security, but not always practical. Now you have
> to walk around with a USB or have keys on your laptop and if you
> loose the USB or the laptop gets stolen you can't get access. Worse,
> you can't revoke the keys till you get back home.

Worse yet, if you get shot and killed you won't be able to access your
data no matter how hard you try.

Seriously, disabling password log-ins and using key authentication is
extremely secure. Do make sure that you password protect your keys
however. In any event, if you laptop or whatever is stolen, you have
more than just one problem to contend with anyway.

gesbbb at

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the Reply-To header.

It's not whether you win or lose, it's how you place the blame.

More information about the freebsd-questions mailing list