The parent changed his message so this is no longer in direct response but it's probably still valuable:
By that logic so are passwords and the key itself. You simply have an "obscured" notch configuration on the grooves of the key. My ssh private key is also just a very uncommon sequence of bytes!
It's all encompassing.
So either your interpretation needs work, keys and passwords are insecure, or obscurity is actually totally fine.
So if I have your private key and your hosts definition in your ssh config, you're still secure?
Cool, send them to me and I'll show you otherwise. My email address is in my profile.
The point was that nuance is important. Keyspace size, the cost and penalties of a guess, if any information leaks in the process, these are important.
These cutesy memorable rhyming platitudes in any discipline are usually either meaningless or counterproductive.
I could, for instance, use a very long base64 url endpoint as effectively a shared password. If you look at the cost, leakage, and keyspace analysis you can tell why it works or it doesn't far more than the old obscurity aphorism.
I think some of computer security theory could be taught via physical lockpicks pretty well so long as the students actually do the physical lockpicking act. I think the concepts translate well to the material reality especially if you have a large diversity of locks.
It actually sounds like a pretty brilliant educational approach.
Computer security through lockpicking. Requirements: introductory number theory, discrete mathematics, 2 or more programming classes
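The keyspace, cost-of-a-guess and leakage analysis from the base64 URL endpoint comment above, worked through as an added example that is not part of the original thread. The names `EndpointGate` and `client`, the 5-failure lockout, and the 4-digit PIN used for comparison are assumptions made for illustration.

```python
import hmac
import math
import secrets

def new_endpoint_token(nbytes=32):
    """Random URL-safe token; its entropy is 8 * nbytes bits."""
    return secrets.token_urlsafe(nbytes)

def keyspace_bits(keyspace):
    """Size of a keyspace expressed in bits."""
    return math.log2(keyspace)

def expected_seconds_to_guess(keyspace, guesses_per_second):
    """Average time for an unthrottled guesser: half the keyspace."""
    return keyspace / 2 / guesses_per_second

def success_probability(keyspace, guesses_allowed):
    """Chance of a hit when a lockout caps the number of guesses."""
    return min(1.0, guesses_allowed / keyspace)

class EndpointGate:
    """Hypothetical verifier: constant-time compare plus per-client lockout."""

    def __init__(self, token, max_failures=5):
        self._token = token.encode()
        self.max_failures = max_failures
        self.failures = {}

    def check(self, client, presented):
        if self.failures.get(client, 0) >= self.max_failures:
            return False  # penalty: locked out, even a correct value fails
        # compare_digest does not reveal how many leading bytes matched
        ok = hmac.compare_digest(presented.encode(), self._token)
        if not ok:
            self.failures[client] = self.failures.get(client, 0) + 1
        return ok

if __name__ == "__main__":
    pin_space, token_space = 10**4, 2**256  # constructed comparison values
    for name, space in (("4-digit PIN", pin_space), ("32-byte token", token_space)):
        print(name, round(keyspace_bits(space), 1), "bits;",
              "unthrottled at 1000/s:",
              expected_seconds_to_guess(space, 1000), "s on average;",
              "with 5-guess lockout:", success_probability(space, 5))
```
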
Please don't post like this, i.e. just putting someone else down. It's not in the spirit of the site and doesn't add any information. If you know more, that's great, but in that case please share some of what you know, so we all can learn.