My talk Sudo: You’re Doing It Wrong is now live on YouTube. (Thanks to TJ for letting me know.) The talk is based on my book Sudo Mastery.
This talk went better than my NYCBSDCon talk. Probably because I hadn’t confused “buzzing with caffeine, adrenaline, and sleeplessness” with “raging tonsilitis.” The Q&A at the end took us wildly astray, and ended with the general conclusion that “Lucas needs to present to mug.org about how to use SSH correctly.”
I gave away a couple books, one Sudo Mastery and one SSH Mastery. The SSH book went to the first person to raise their hand and admit that they used passwords with SSH.
But I’m sure none of you use password-only authentication with SSH. You’re all good, decent, moral people who wouldn’t do anything that vile.
I would be interested in your feedback (a security review) of my tool github-keygen that tries to create the most secure SSH settings for Github access.
https://github.com/dolmen/github-keygen/
Olivier,
Thanks for the thought, but I’m really not the right person for this. I’m a writer and a sysadmin, not a security guy. I download from Github, but that’s about it. 🙁