Vuln ssh passwdauth

From Atomicorp Wiki
Revision as of 20:57, 22 January 2012 by Mshinn (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Vulnerability

System allows password based authentication

Explanation

Passwords are the simplest and most easily defeated form of authentication. Passwords can be stolen, either directly or via software such as viruses or malware, or may be guessed or brute forced.

Linux offers other forms of authentication, such as key based authentication, which is much stronger than passwords. For example, keys can not be guessed or brute forced. A key would need to stolen by an attacker, and the credentials to access it would also need to be stolen.

Personal tools