Mechanism-not-policy violations continue to irritate me

I find this infuriating. People who write security software get hung up on the most ridiculous nonsense in ways that make my system less secure.¬†Exampli gratia, OpenSSH simply will not use public key authentication if it decides my keys are not stored sufficiently securely, and will fall back to password authentication. That is, it will… Continue reading “Mechanism-not-policy violations continue to irritate me”