
At this point, 16 bits of entropy is more than the entropy of a lot of the passwords that I've seen.


You have 10 bits of entropy at best, unless you put it above 1024, at which point if it dies, any non-privileged user on the box can sniff passwords.


Why are you using passwords for SSH?

Do you actually have untrusted users on the box?

Why would you not secure the custom port to root-only?


If you are serious, you should limit SSH access to a bastion host with no unprivileged users.



