[Semibug] Generate random passwords?
Jonathan Drews
jondrews at fastmail.com
Mon Jul 26 00:28:34 EDT 2021
On Sun, Jul 25, 2021 at 12:43:07PM -0400, Nick Holland wrote:
> On 7/17/21 1:09 PM, Thomas Levine wrote:
> > Mike Wayne wrote:
> > > I rather despise having to install a package (or, much worse,
> > > multiple packages) for something so simple.
> >
> > openssl is in base.
>
> sorry, bit late in catching up on stuff...
>
>
>
> pwgen is really nice in that it creates semi-memorable passwords., not
> just totally random gibberish you will never be able to remember. It
> is a good tool for PWs that you have to use regularly and without a pw
> manager. That does cost you a certain degree of randomness, obviously.
> Still, I found it useful enough I put it on-line:
>
> https://holland-consulting.net/cgi-bin/pwsug
>
> However, do note the warning at the top of the page. I absolutely don't
> trust other people's PW generators, so I reinvented that wheel very
> deliberately for my own use, but you are welcome to use it. :)
>
Nick:
Thanks for the advice. I am hoping to get an OpenBSD webserever on
Vultr and setup a blog there. The strong password question was of
interest to me, especially after reading this:
https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html
Some excerpts that were good advice to a newbie like me:
"The attackers were hungry for root, so having PermitRootLogin no in
our sshd config anywhere Internet facing proved to be a good idea. "
"Stay away from guessable passwords
Watch for weird files (stuff you didn't put there yourself) anywhere
in your file system, even in /tmp.
Internalize the fact that PermitRootLogin yes is a bad idea"
More information about the Semibug
mailing list