>
> But having a script which automatically connects without the 'big ugly
> password' isn't a security risk?
> I don't follow.
Well, ssh-askpass stores your password in a hash and has some security
features built into it. It's not really a simple script. It's job is to
enter your pass phrase for you so do you don't have to type it in every
time.
> Also, you could further secure the authorized_keys file by only permitting
> the key to be used from a certain location, if you don't trust the security
> of your own private key.
It's not that I don't trust my own private key. It's that NO private key is
really very secure if it isn't password protected.
On Sun, Mar 2, 2014 at 2:19 PM, Joseph Spenner <joseph85750@xxxxxxxxx>wrote:
>
>
>
> On Mar 2, 2014, at 11:55 AM, Tim Dunphy <bluethundr@xxxxxxxxx> wrote:
>
> >
> >> On Sun, Mar 2, 2014 at 1:26 PM, Alexander Dalloz <ad+lists@xxxxxxxxx>
> wrote:
> >>
> >> Am 02.03.2014 19:16, schrieb Joseph Spenner:
> >>
> >>> Why not just use authorized_keys with an empty pass phrase?
> >>
> >> Because that is discouraged due to security.
> >>
> >> Alexander
> >>
> >> _______________________________________________
> >>
>
> But having a script which automatically connects without the 'big ugly
> password' isn't a security risk?
> I don't follow.
> Also, you could further secure the authorized_keys file by only permitting
> the key to be used from a certain location, if you don't trust the security
> of your own private key.
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
--
GPG me!!
gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
