Recently I received an interesting question from one my regular reader:
What is the basic and important difference between password and passphrase when implementing SSH with DSA/RAS public key authentication? Which one is recommended for daily usage?
The main and basic difference is that you can use multi string phrase including spaces and tabs using a passphrase under ssh. Normal /etc/shadow password is a single string password and many application will breaks with spaces and tabs while using authentication. So your account password must be a single word/string.
For example my account password can be iF33%gNCyzDy
I could create a passphrase: Th1s 1s A t3sT and s3cur3 pa$$phra$3
The advantage is simple you can use spaces and tabs to create a more secure and hard to break authentication method. This makes dictionary based attack quite difficult.
If anyone aware of more differences please add in comments section :)Share this on: