From owner-freebsd-questions@FreeBSD.ORG  Sat Dec 13 04:22:51 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id F31AC1065676
	for <freebsd-questions@freebsd.org>;
	Sat, 13 Dec 2008 04:22:51 +0000 (UTC)
	(envelope-from fbsd.questions@rachie.is-a-geek.net)
Received: from mail.rachie.is-a-geek.net (rachie.is-a-geek.net [66.230.99.27])
	by mx1.freebsd.org (Postfix) with ESMTP id C031E8FC12
	for <freebsd-questions@freebsd.org>;
	Sat, 13 Dec 2008 04:22:51 +0000 (UTC)
	(envelope-from fbsd.questions@rachie.is-a-geek.net)
Received: from localhost (mail.rachie.is-a-geek.net [192.168.2.101])
	by mail.rachie.is-a-geek.net (Postfix) with ESMTP id AB466AFC1FF;
	Fri, 12 Dec 2008 19:22:50 -0900 (AKST)
From: Mel <fbsd.questions@rachie.is-a-geek.net>
To: freebsd-questions@freebsd.org
Date: Sat, 13 Dec 2008 05:18:59 +0100
User-Agent: KMail/1.9.7
References: <alpine.BSF.2.00.0812100440400.49382@prime.gushi.org>
	<200812110911.27184.fbsd.questions@rachie.is-a-geek.net>
	<20081211064010.1756fde5@scorpio>
In-Reply-To: <20081211064010.1756fde5@scorpio>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="iso-8859-6"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200812130518.59662.fbsd.questions@rachie.is-a-geek.net>
Cc: 
Subject: Re: How to block NIS logins via ssh?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 13 Dec 2008 04:22:52 -0000

On Thursday 11 December 2008 12:40:10 Jerry wrote:
> On Thu, 11 Dec 2008 09:11:26 +0100
>
> Mel <fbsd.questions@rachie.is-a-geek.net> wrote:

....

> >6) Disable password based logins and use keys only.
>
> Personally, I have always used 'keys' instead of passwords. Given
> enough time and resources, any password can be cracked. I really do not
> understand why so many users insist on using passwords anyway.

2 reasons:
- It's the default
- Less hassle getting access from a new account.

It's the first thing I disable as well. I have machines I don't even know my 
local password for. Key on a flash card so I can get access from any new 
machine with an USB port.

-- 
Mel

Problem with today's modular software: they start with the modules
    and never get to the software part.