Ever since networking came out, one important issue, to a various extent over the time, has been how to give the legitimate users the right access - authentication, which is one of the three basic elements in security: authentication, authorization and access control.

Over the last decade, we have seen telnet being replaced by the ssh protocol, which ensures secure encrypted traffic including the passwords. However, no matter how secure the technology is, users can always open up a security hole for the sake of convenience. In the case of Openssh, one common misused feature is the RSA/DSA key authentication system. Imagine the following situation: John is a new system administrator in a small company, who is responsible for twenty Linux machines. His tasks require his logging into different systems and copying files from each other.

The link for this article located at OS News is no longer available.