The sys admin’s daily grind: PWGen

CRYPTIC CODER

Article from Issue 89/2008
Author(s):

Easy to remember but still safe – this is the classic conflict when it comes to choosing a password. The PWGen tool offers a sensible compromise.

If you recall, I complained about weak passwords in issue 84. The Fail2ban tool I talked about prevents disasters, but it really only treats the symptoms. If I choose the timing parameters carefully, Fail2ban will repel brute force attacks, but it stands no chance against password post-its on the keyboard or easily guessed passwords. As is always the case in security technology, the desired degree of protection determined by the admin and convenience, which is what users prefer, are in conflict.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Charly's Column

    Users log on to services such as SSH, ftp, SASL, POP3, IMAP, Apache htaccess, and many more using their names and passwords. These popular access mechanisms are a potential target for brute-force attacks. An attentive bouncer will keep dictionary attacks at bay.

    more »
  • Balancing Act

    CLI tools for generating passwords have many options that can help you strike a balance between ease of use and security.

    more »
  • Charly's Column

    Twitter, so everyone says, is modern, fun, sociologically illuminating and otherwise useless. Even Charly feeds a budgie – but at the console, it's a question of style.

    more »
  • Charly's Column

    Without TinyURL.com and similar URL shortening services, many Twitter postings would only have enough space left for “Look at this.” But if you run a web server yourself, you might prefer to grow your own shortener.

    more »
  • Charly's Column

    Some of Charly’s servers run the SSH daemon on port 443 rather than on the standard port 22. If an SSL-capable Apache web server starts causing trouble, his method of settling the dispute is sslh.

    more »
comments powered by Disqus

Visit Our Shop

Trial Subscription

Digital Subscription

Subscribe

Direct Download

Read full article as PDF:

059-059_charly.pdf  (263.46 kB)

News

Tag Cloud

Administration Community Desktop Events Hardware Linux Linux Pro Magazine Mobile Programming Software Ubuntu Web Development Windows free software open source