In an openssh-server login to a GNU/Linux machine

to use a private ssh key encrypted with an N-character passphrase, then sshd_config:

PasswordAuthentication no
PubkeyAuthentication yes

is it equivalent to use a login with a password that is always N characters long?

PasswordAuthentication yes
PubkeyAuthentication no

in the event of a brute-force attack.

stefd

1 Answer

Your first example shows a configuration where password authentication is disabled, and key-based authentication is enabled. The second example is the opposite of the first.

With regard to 'N': The keys used in key-based authentication would typically have at least 128 bits of entropy. To have an equivalent amount of entropy using a password (and thus, to have an equal amount of resistance to a brute-force attack), the password would need to be randomly generated, and its length (N) would need to be at least 20 characters (possibly more depending on the character set used). See "How many bits of entropy should a password have to be reasonably future proof (10+ years)?" for more info.

mti2935
  • so it should have the same amount of bits as the private key without passphrase? – stefd Mar 08 '22 at 14:31
  • To be equally resistant to a brute-force attack, yes. I edited my answer to clarify this. – mti2935 Mar 08 '22 at 14:39
  • ok, I will wait for some other answers to have a comparison before accepting this one – stefd Mar 08 '22 at 14:55
  • OP, your question is "is it safe"? This is different from asking about equivalent entropy. There are many differences between passwords and ssh keys, not just number of bits. In password-based authentication you always have to send the password to the server. This is less safe than ssh-key-based authentication regardless of the password length. In ssh-key-based authentication, you don't ever send the actual secret to the server, which is one reason why it is better than a password regardless of password length. This question is already answered elsewhere on this site. – hft Mar 08 '22 at 16:42
  • I haven't found a question like this – stefd Mar 09 '22 at 19:40
  • It's literally linked directly in your now-closed question. – hft Mar 09 '22 at 20:37
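The length estimate in the answer above can be checked with a short calculation. This is an added example, not code from the question or the answer: it computes the smallest N at which a uniformly random password reaches the 128-bit figure for several character sets, and generates such a password with a CSPRNG. The alphabet choices and function names are assumptions made for illustration, and the figures hold only for passwords drawn uniformly at random, as the answer requires.

```python
import math
import secrets
import string

TARGET_BITS = 128  # entropy figure the answer gives for typical SSH keys

# Character sets chosen for illustration (assumption, not from the page).
ALPHABETS = {
    "digits": string.digits,
    "lowercase": string.ascii_lowercase,
    "alphanumeric": string.ascii_letters + string.digits,
    "printable": string.ascii_letters + string.digits + string.punctuation,
}


def bits_per_char(alphabet):
    """Entropy per character when each one is drawn uniformly at random."""
    size = len(set(alphabet))
    if size < 2:
        raise ValueError("alphabet needs at least two distinct symbols")
    return math.log2(size)


def entropy_bits(length, alphabet):
    """Total entropy of `length` independent uniform draws from alphabet."""
    return length * bits_per_char(alphabet)


def min_length(alphabet, target_bits=TARGET_BITS):
    """Smallest N for which an N-character random password reaches target_bits."""
    return math.ceil(target_bits / bits_per_char(alphabet))


def generate(alphabet, target_bits=TARGET_BITS):
    """Random password of the minimum length, drawn with the OS CSPRNG."""
    symbols = sorted(set(alphabet))
    length = min_length(alphabet, target_bits)
    return "".join(secrets.choice(symbols) for _ in range(length))


if __name__ == "__main__":
    for name, alphabet in ALPHABETS.items():
        n = min_length(alphabet)
        bits = entropy_bits(n, alphabet)
        print(f"{name:12} size={len(alphabet):3} N={n:3} entropy={bits:6.1f} bits")
    print("sample:", generate(ALPHABETS["printable"]))
```

With all 94 printable ASCII characters the minimum is 20, matching the answer; restricting the character set pushes N higher.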