|
 |
On Thu, 15 Sep 2011 19:46:42 +0100, Orchid XP v8 wrote:
>> Man pages are not intended to be tutorials. They're manual pages.
>
> ...which is the point I'm trying to make, yes.
So then what's the problem? You're complaining that they're not
tutorials, but they're not intended to be tutorials.
>>> Then again, sometimes the manpage just says "use info". And then you
>>> had /another/ problem...
>>
>> Well, no, it's not *another* problem - you just need to use the info
>> command instead.
>
> Have /you/ tried navigating the thing?
>
> Since I'm guessing the answer is probably "yes", then I don't need to
> explain to you how hard it is...
Yes, and I usually end up googling instead. I'm sure I could figure it
out, but I don't need it that often.
>>> So even with this line, people can *still* authenticate by password.
>>
>> Not to the best of my knowledge.
>
> I'm fairly sure I tested it, and discovered that I needed to turn off
> multiple things to stop it accepting my password as a valid login. But
> since that was then and this is now, I guess I might be incorrect.
It might be easier now, yes. Honestly, I've never even looked for a CHAP-
based authentication mechanism for ssh.
>>>>> I thought the host key is how the server identifies itself to you,
>>>>> not how you identify yourself to the server?
>>>>
>>>> Host keys aren't very commonly used AFAIK.
>>>
>>> All three of the SFTP systems we use commercially have them.
>>
>> A sample size of 3 isn't exactly data supporting "commonly used".
>
> It's infinity times larger than a sample size of zero. ;-)
Sure, but not mathematically significant.
> Then again, one of these systems is set up to use PK authentication, and
> the server administrators emailled /us/ with the private key to use to
> get access. *facepalm*
>
> Imagine it: Going to all the trouble of setting up a secure system, and
> not even knowing how to secure it properly...
I don't have to - I see it fairly regularly.
Jim
Post a reply to this message
|
|
