The sys admin’s daily grind: PWGen

CRYPTIC CODER

Article from Issue 89/2008
Author(s):

Easy to remember but still safe – this is the classic conflict when it comes to choosing a password. The PWGen tool offers a sensible compromise.

If you recall, I complained about weak passwords in issue 84. The Fail2ban tool I talked about prevents disasters, but it really only treats the symptoms. If I choose the timing parameters carefully, Fail2ban will repel brute force attacks, but it stands no chance against password post-its on the keyboard or easily guessed passwords. As is always the case in security technology, the desired degree of protection determined by the admin and convenience, which is what users prefer, are in conflict.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Charly's Column

    Twitter, so everyone says, is modern, fun, sociologically illuminating and otherwise useless. Even Charly feeds a budgie – but at the console, it's a question of style.

  • Charly's Column

    Without TinyURL.com and similar URL shortening services, many Twitter postings would only have enough space left for “Look at this.” But if you run a web server yourself, you might prefer to grow your own shortener.

  • Balancing Act

    CLI tools for generating passwords have many options that can help you strike a balance between ease of use and security.

  • Charly's Column

    Conventional, woodpecker-style port knocking is open to sniffing and brute force knocking attacks. Sending an encrypted packet with an access request to the server is safer and more modern. Learn more about Firewall Knock Operator, a.k.a. Fwknop.

  • Charly's Column

    Some of Charly’s servers run the SSH daemon on port 443 rather than on the standard port 22. If an SSL-capable Apache web server starts causing trouble, his method of settling the dispute is sslh.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News