Re: More on learning "Public Key Authentication"



Mark Conrad <NoSpamDammit@xxxxxxxxxxx> wrote:
> Troubled Tony <tt@xxxxxxxxxxx> wrote:
> > Mark Conrad <NoSpamDammit@xxxxxxxxxxx> wrote:
> > > Jon Aalborg <navn@xxxxxxxxxxxxxxx> wrote:
> > >
> > > > The practical benefit is that you never send your password
> > > > over the net...<rest-heavily-clipped>...
> > >
> > > Bingo! - - - that says it all. I don't know why that did not occur to
> > > me, probably because my senility got in the way.
> >
> > It's not true.
> >
> > Your SSH/SFTP lusernames and passwords are encrypted all the way.
> >
> > PKA is not much different in that it's also encrypted.
>
> All right, I apparently misunderstood Jon Aalborg to mean the
> un-encrypted password, when in reality he meant the encrypted password.
>
> Nevertheless, if the cracker has access to the encrypted password, the
> regular encrypted password that is used by default in OS X, I am sure
> you will agree it is easier for him to "crack" the encrypted password
> to determine the real password.

I can't parse that.

>
> (unless the cracker runs into guys like me who use 250 digit passwords,
> instead of 8 or 10 digit passwords like the majority of Mac users do)

I think it's only looking at the first eight characters.

Somehow I doubt you log in using "250 digit passwords."

> Those 8 digit passwords _can_ be cracked in a reasonable period of
> time by a cracker with a fast computer.

But they'd have to break into root on your machine first to get
the password hash in the first place.

> Okay, I obviously have a lot to learn about the _real_ reasons why
> PKA is used by some knowledgeable Unix people.

To learn in general, purchase the O'Reilly book "SSH, The Secure Shell",
and a PGP book. PGP on the Mac is great BTW, with PGPdisk.