=== ANCHOR POEM === ══════════════════════════════════════════════───────────────────────────────────── oh yeah well if SSH keys are so secure then why doesn't every website on Earth require them really though why doesn't every website on Earth require them ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════────────────────────────────────────┘ === SIMILARITY RANKED === --- #1 fediverse/1482 --- ════════════════════════════════════════════════─────────────────────────────────── @user-192 I feel like SSH keys to log into every website should be a standard or something similar ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════──────────────────────────────────┘ --- #2 fediverse/3471 --- ════════════════════════════════════════════════════════─────────────────────────── @user-883 it might be, I don't know much about it (hence why I'm asking questions) but I have heard that ssh keys are more secure than password authentication and it never made sense to me. If availability is important for security purposes, then wouldn't SSH keys (which are much more difficult to carry around than a password) be less suitable? ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════──────────────────────────┘ --- #3 fediverse/3668 --- ════════════════════════════════════════════════════════─────────────────────────── setting up an SSH server is like a rite of passage for Linux administrators (notice I didn't say users, you can't use linux, only administer it) ... I'm having trouble with my rites >.> ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════──────────────────────────┘ --- #4 fediverse/3469 --- ════════════════════════════════════════════════════════─────────────────────────── you know how SSH password login is deprecated because the password needs to be transmitted in cleartext or whatever? what if we just... required two passwords? the first initiates the conversation, and sets up an encrypted line. It doesn't matter if anyone sees the first password because they'll get a new set of encrypted keys, meaning each session automatically is encrypted in a different, randomized way. the second password is the one that actually authenticates you. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════──────────────────────────┘ --- #5 fediverse/4720 --- ═══════════════════════════════════════════════════════════════──────────────────── @user-882 it's a security hole though yeah... there ya go... ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧════════════════════════════════════════════════════════───────────────────┘ --- #6 fediverse/797 --- ══════════════════════════════════════════════───────────────────────────────────── irc is bloat use ssh + write to chat with your friends instead ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════────────────────────────────────────┘ --- #7 fediverse/3470 --- ════════════════════════════════════════════════════════─────────────────────────── alternatively, when you initiate an SSH session it sends you a randomized public key whose private key is the password that you need to login. By decrypting the string of text it sent you and sending it back (plus the password at the end or whatever) you can ensure secure authentication without bothering with the passwordless keys which are wayyyyyy more trouble than they're worth and lack the "something you know" authentication method. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════════──────────────────────────┘ --- #8 fediverse/4093 --- ═══════════════════════════════════════════════════════════──────────────────────── I have no idea why people prefer a GUI when working with software. How the heck do they expect to use their computer remotely if they can't even run their software over SSH? ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧════════════════════════════════════════════════════───────────────────────┘ --- #9 fediverse/1505 --- ═════════════════════════════════════════════════────────────────────────────────── 2 factor authentication is not for security. If they cared about security they would use SSH keys. 2FA is so that your email provider knows whenever you log in somewhere. Most people use gmail. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧══════════════════════════════════════════─────────────────────────────────┘ --- #10 fediverse/1693 --- ════════════════════════════════════════════════════─────────────────────────────── "if I work on the TTY then they can't forward my X session without my consent" - ramblings of the utterly deranged as if they couldn't just look at your unencrypted source-code as you save it to your hard drive smh ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════════──────────────────────────────┘ --- #11 fediverse/664 --- ═════════════════════════════════════════════────────────────────────────────────── @user-482 [secretly installs a keylogger and doesn't tell anyone upstream but still pushes it to production] [or worse, was told to do as such and given tools to fabricate "evidence" to the contrary to everyone else on the team] ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧══════════════════════════════════════─────────────────────────────────────┘ --- #12 fediverse/1310 --- ════════════════════════════════════════════════─────────────────────────────────── that feeling when you type your password so fast that one hand is faster than the other and the letters get all jumbled and now you have to remake your ssh key -.- ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════════──────────────────────────────────┘ --- #13 fediverse/3092 --- ═══════════════════════════════════════════════════════──────────────────────────── ┌──────────────────────────────────────────────────────────────────────────────┐ │ CW: re: why-are-you-so-demanding-ritz-just-give-it-a-rest-everyone-agrees-with-you │ └──────────────────────────────────────────────────────────────────────────────┘ @user-570 oh yeah UBI would be nice. Can we do that instead? ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧════════════════════════════════════════════════───────────────────────────┘ --- #14 fediverse/2252 --- ══════════════════════════════════════════════════════───────────────────────────── ┌──────────────────────┐ │ CW: tech-encryption │ └──────────────────────┘ users don't want to have to think about encryption keys. they should be available for them if they need them, in like... a folder or something somewhere, but they don't need to really know that they exist. more friction like that keeps people away from being secure. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════════════────────────────────────────┘ --- #15 fediverse/3832 --- ═════════════════════════════════════════════════════════────────────────────────── I got SSH working!!! ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧══════════════════════════════════════════════════─────────────────────────┘ --- #16 fediverse/3282 --- ═══════════════════════════════════════════════════════──────────────────────────── I hate how fragile Linux is It deserves to be strong and durable ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧════════════════════════════════════════════════───────────────────────────┘ --- #17 fediverse/5390 --- ══════════════════════════════════════════════════════════════════════───────────── ext4 is not an encryption scheme, even though it seems that way to windows users. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════════════════════════════────────────┘ --- #18 fediverse/329 --- ════════════════════════════════════════════─────────────────────────────────────── @user-241 okayyyy if I must =P =P ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═════════════════════════════════════──────────────────────────────────────┘ --- #19 fediverse/2622 --- ══════════════════════════════════════════════════════───────────────────────────── what kind of linux user are you if you don't even like reading terminal output? it's USEFUL and INTERESTING information! WHY ELSE WOULD THE PROGRAMMER OUTPUT IT??? ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════════════────────────────────────────┘ --- #20 fediverse/2601 --- ══════════════════════════════════════════════════════───────────────────────────── @user-249 you can host anything you'd like on a raspberry pi. If the software requirements are within the hardware specs, of course. ┌─────────┐ ┌───────────┐ │ similar │ chronological │ different │ ╘═════════╧╧═══════════════════════════════════════════════────────────────────────────┘ |