NCI Help

Page tree

Versions Compared

Old Version 6

changes.mady.by.user Mohsin Ali

Saved on

compared with

New Version Current

changes.mady.by.user Mohsin Ali

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Panel
titleOn this page

Table of Contents

Warning

Warning

Incorrectly configuring ssh keys can leave your accounts vulnerable to attack and, more importantly, can provide attackers with a trivial means to transfer their attacks to other systems and organizations. Organizations you are affiliated with may require you to maintain certain standards of personal IT security to help limit the risk of their systems being compromised. Please consult their IT security policies and staff. Regardless of policy, you should consider it your responsibility to help avoid the compromise of any system you have been given access to by deploying safe IT security practices.

SSH Security

  • If you don't sufficiently understand ssh keys, DON'T use them. Use only passwords and use good ones - at least 9 characters long, a mixture of alphanumeric and non-alphanumeric characters and of mixed case. The password should be completely different to the password you use on any other system.
  • NEVER copy a private key anywhere! The private key should remain in your .ssh directory on the system you generated it on and should be readable only by you.
  • SSH key passphrases should be as secure as other passowrds.
  • Never setup passphraseless ssh keys to allow unauthenticated login access between systems.

...