home | list info | list archive | date index | thread index

Re: [OCLUG-Tech] jailing users?

On Wed, 18 Jan 2006, Bill Strosberg wrote:

> One important thing is that discipline on the system admin's part really 
> helps
> - install and USE sudo, and allocate executable program access via sudoers.


> Given the ease of installing keyloggers, working from any terminal - 
> xterm or remote ssh can result in exposure of username/passwords, 
> therefore keeping administrative access to only trusted platforms, and 
> using PKI keys instead of passwords is important.

If someone can install a keylogger on your machine, you've got more to 
worry about than your password being compromised. And if they could get 
your password, then your PKI key access to another machine is insecure, 
unless it resides on something like a USB key that you carry with you. 
Then, maybe its's not secure anymore after its first use either...



message navigation