making the passphrase prompt more clear

Corinna Vinschen vinschen at redhat.com
Thu Sep 4 21:10:42 EST 2014


On Sep  4 06:59, Nico Kadel-Garcia wrote:
> On Thu, Sep 4, 2014 at 6:11 AM, shawn wilson <ag4ve.us at gmail.com> wrote:
> > This got me thinking, shouldn't this go through PAM so that password
> > strength restrictions can be set as well? Obviously most ssh keys are
> > created locally. But, if this were implemented, I think most distros
> > would adopt the same strength criteria on this as they do with passwd
> > and the like.
> 
> That... sounds wildly off-topic from the original note, and extremely
> fragile. You'd have to route the existing 'ssh-keygen' tool, which is
> an entirely local, well contained, and very stable tool, through PAM,
> which is in itself a maintenance and configuration nightmare.

...or doesn't even exist on the target system.

-- 
Corinna Vinschen
Cygwin Maintainer
Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20140904/07e40abf/attachment.bin>


More information about the openssh-unix-dev mailing list