On 2013/03/05 12:51, Peter Bisroev wrote:
> Hi Stuart,
> 
> On Mon, Mar 4, 2013 at 7:33 PM, Stuart Henderson <s...@spacehopper.org> wrote:
> >> I am aware that "more secure" depends on the situation, such as whether
> >> the login is happening from a trusted terminal, how is the secret key
> >> stored on the device that is generating TOTP, is the public key
> >> encrypted, etc. But what are your thoughts in general?
> >
> > I think it totally depends on the situation and can't really be applied
> > in general.. Either of them can be made to be unsafe.
> 
> That makes sense. I guess it all depends on your trust relationship
> with the party whom you are allowing to connect to your hosts.

To illustrate: if you don't trust users to keep their authorized_keys
file encrypted, you might want to require additional authentication (password
or OTP). Or if you don't want the replay window that TOTP gives then you
might want the second factor of a public key authentication.

> > OpenSSH has this in -current, see sshd_config(5) AuthenticationMethods.
> 
> That is great! I will definitely give it a go.

It might also be worth pointing out that this can be used in a Match
block, therefore if wanted you can permit access from known addresses of
secured hosts with just an SSH key, but require an additional password/OTP
for connections from other addresses.
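An sshd_config fragment illustrating the Match-block arrangement described above; this is an added example, not configuration from the thread, and the addresses, the OTP mechanism behind keyboard-interactive, and the user/host names in the test command are assumptions:

```sshd_config
# Default for every connection: a public key AND a second factor.
# Each space-separated group is an acceptable method list; the methods
# inside a group must all succeed, in the order given.
AuthenticationMethods publickey,keyboard-interactive publickey,password
PubkeyAuthentication yes
PasswordAuthentication yes
# Needed so keyboard-interactive (used by OTP backends) is offered.
ChallengeResponseAuthentication yes

# Match blocks must come last; everything below applies only to the
# listed sources. Assumed addresses of secured, trusted management hosts:
# a public key alone is sufficient from here.
Match Address 192.0.2.10,192.0.2.11
    AuthenticationMethods publickey
```

Check the file with `sshd -t`, and confirm which rule a given source gets with `sshd -T -C user=alice,host=mgmt.example,addr=192.0.2.10 | grep -i authenticationmethods` (all three of user, host and addr are required for Match evaluation in test mode).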
