[systemd-devel] Antw: Re: Antw: [EXT] Block systemd from adding new services
Ulrich Windl
Ulrich.Windl at rz.uni-regensburg.de
Mon Jun 14 08:17:10 UTC 2021
>>> Andy Pieters <systemd at andypieters.me.uk> schrieb am 14.06.2021 um 10:09 in
Nachricht
<CAB2L6a_rBcHD93xWdjtFqzunaGDDJQ9zV++d_OiSNuRLjb5A5Q at mail.gmail.com>:
> On Mon, 14 Jun 2021 at 09:05, Ulrich Windl <
> Ulrich.Windl at rz.uni-regensburg.de> wrote:
>
>>
>> The better solution would have been to pick a stronger password IMHO.
>>
>>
>> Or rather turn off password authentication. If you must have automation,
> use RSA keys, if not, and really want to keep passwords, add a 2FA to it,
> like yubikey.
Considering a more than 10 year old recommendation that a password should have at least 96 bits of entropy, I wonder which robot was able to brute-force attack such over SSH.
What passwords and RSA keys have in common: They are worthless once leaked.
Regards,
Ulrich
More information about the systemd-devel
mailing list