Translate This


Friday, April 6, 2012

What is the difference between password and passphrase under OpenSSH with DSA / RAS public key authentication?

Recently I received an interesting question from one my regular reader:
What is the basic and important difference between password and passphrase when implementing SSH with DSA/RAS public key authentication? Which one is recommended for daily usage?
The main and basic difference is that you can use multi string phrase including spaces and tabs using a passphrase under ssh. Normal /etc/shadow password is a single string password and many application will breaks with spaces and tabs while using authentication. So your account password must be a single word/string.
For example my account password can be iF33%gNCyzDy
I could create a passphrase: Th1s 1s A t3sT and s3cur3 pa$$phra$3
The advantage is simple you can use spaces and tabs to create a more secure and hard to break authentication method. This makes dictionary based attack quite difficult.

No comments:

Post a Comment

Jangan Lupa Berilah Komentar!!
Trimakasih atas kunjungannnya.

Related Posts Plugin for WordPress, Blogger...