On 11/10/2015 01:26 PM, Alan McKinnon wrote: > > I think you are approaching this problem from the wrong viewpoint. You > have to assume an attacker has vastly more resources to bear on the > problem than you have. Thanks to Amazon and the cloud, this is now a > very true reality. Brute force attacking a root password is nowhere near > as complex as the maths would lead you to believe; for one thing they > are decidedly not random. The fact is that they are heavily biased, > mostly due to 1) you need to be able to remember it and 2) you need to > be able to type it. > > Humans have been proven to be very bad at coming up with passwords that > are truly good[1] and hard for computers to figure out. And our brains > and very very VERY good at convincing us that our latest dumb idea is > awesome. Are you really going to protect the mother lode (root password) > with a single system proven to be quite broken and deeply flawed by wetware? >
I know all that, but I asked you to assume that I'm not an idiot and that it would take forever to brute-force my root password =) I'm not going to tell you what it is, so you'll have to believe me. > Two factor auth is cheap (ssh-keygen and ssh-copy-id) and keys take the > human factor out of the first step. It's not security theatre nor cargo > culting, so why not use it and gain the benefits for minimal effort? > The rest of what you say is all true, but *given that no one is going to brute-force the root password*, what specific attack am I defending against? I'm not trying to be annoying -- if switching to two-factor auth will improve things, I'll do it -- but no one has ever been able to tell me what I'd gain from it.
