Whats the difference between password+RSA, and password-protected RSA ?

Patrick gibblertron at gmail.com
Mon Nov 21 23:38:22 UTC 2011

In the case of a passphrase-protected RSA key, the server knowsnothing
about it, so you would never be able to enforce that. It's onthe
client side that the key is decrypted with the passphrase
beforesubmitting it to the server.

On Mon, Nov 21, 2011 at 1:19 PM, Mm Bsd <mmbsd1982 at yahoo.com> wrote:
> Let's say I'd like to add a small amount of extra security to my SSH login process.
> Let's say I decide the way I want to do this is by requiring BOTH a password and an RSA key.  There appear to be patches, or procedures, that allow me to do this.  So to log in, I would be required to enter a normal unix password, but I would ALSO be required to hold a proper RSA public key.
> My question is this:
> In terms of security (and correctness ?) what's the difference between this (unix password + SSH RSA key) and simply generating my RSA key *with* a password ?  Both ways require me to "have something" and "know something", but they are obviously different, technically.
> Comments on the difference, and relative security of the two methods ?
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"

More information about the freebsd-questions mailing list