Amicitas@lemmy.world to Technology@lemmy.worldEnglish · 2 days agoNIST proposes barring some of the most nonsensical password rulesarstechnica.comexternal-linkmessage-square127fedilinkarrow-up1478arrow-down14file-text
arrow-up1474arrow-down1external-linkNIST proposes barring some of the most nonsensical password rulesarstechnica.comAmicitas@lemmy.world to Technology@lemmy.worldEnglish · 2 days agomessage-square127fedilinkfile-text
minus-squareTBi@lemmy.worldlinkfedilinkEnglisharrow-up5·1 day agoMy company blocked ssh keys in favour of password + 2FA. Honestly I don’t mind the 2FA since we use yubikeys, but wouldn’t ssh key + 2FA be better?
minus-squarejj4211@lemmy.worldlinkfedilinkEnglisharrow-up1·14 hours agoAll well and good when ssh activity is anchored in a human doing interactive stuff, but not as helpful when there’s a lot of headless automation that has to get from point a to point b.
minus-squareTBi@lemmy.worldlinkfedilinkEnglisharrow-up2·10 hours agoYep. All the headless automation broke…
minus-squareJasonDJ@lemmy.ziplinkfedilinkEnglisharrow-up2·1 day agoJust store your keys on the yubikey. Problem solved. Or use a smart card profile and go that route.
My company blocked ssh keys in favour of password + 2FA. Honestly I don’t mind the 2FA since we use yubikeys, but wouldn’t ssh key + 2FA be better?
All well and good when ssh activity is anchored in a human doing interactive stuff, but not as helpful when there’s a lot of headless automation that has to get from point a to point b.
Yep. All the headless automation broke…
Just store your keys on the yubikey. Problem solved.
Or use a smart card profile and go that route.