Recently I received an interesting question from one my regular reader:
What is the basic and important difference between password and passphrase when implementing SSH with DSA/RAS public key authentication? Which one is recommended for daily usage?
The main and basic difference is that you can use multi string phrase including spaces and tabs using a passphrase under ssh. Normal /etc/shadow password is a single string password and many application will breaks with spaces and tabs while using authentication. So your account password must be a single word/string.
For example my account password can be iF33%gNCyzDy
I could create a passphrase: Th1s 1s A t3sT and s3cur3 pa$$phra$3
The advantage is simple you can use spaces and tabs to create a more secure and hard to break authentication method. This makes dictionary based attack quite difficult.
If anyone aware of more differences please add in comments section :)
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop