by tialaramex 1543 days ago
Passwords are a shared secret. I'm not sure I'd choose the word "insecure" but only because it's too black and white when the reality is more nuanced. They are clearly worse than doing public key auth which is the alternative and is Mandatory To Implement in the SSH (SecSH) RFCs.

Nobody said anything about requiring certificates in SSH, just public keys as authentication.

1 comments

Strong aPAKEs can allow passwords to not be shared secrets.

Of course they're super niche now and none of them are standardized so they're basically impossible to use, and SSH doesn't support them, so this is a pedantic nitpick instead of some sort of insightful observation.