Re: ssh-askpass in bash script

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



>
> But having a script which automatically connects without the 'big ugly
> password' isn't a security risk?
> I don't follow.


Well, ssh-askpass stores your password in a hash and has some security
features built into it. It's not really a simple script. It's job is to
enter your pass phrase for you so do you don't have to type it in every
time.



> Also, you could further secure the authorized_keys file by only permitting
> the key to be used from a certain location, if you don't trust the security
> of your own private key.


It's not that I don't trust my own private key. It's that NO private key is
really very secure if it isn't password protected.


On Sun, Mar 2, 2014 at 2:19 PM, Joseph Spenner <joseph85750@xxxxxxxxx>wrote:

>
>
>
> On Mar 2, 2014, at 11:55 AM, Tim Dunphy <bluethundr@xxxxxxxxx> wrote:
>
> >
> >> On Sun, Mar 2, 2014 at 1:26 PM, Alexander Dalloz <ad+lists@xxxxxxxxx>
> wrote:
> >>
> >> Am 02.03.2014 19:16, schrieb Joseph Spenner:
> >>
> >>> Why not just use authorized_keys with an empty pass phrase?
> >>
> >> Because that is discouraged due to security.
> >>
> >> Alexander
> >>
> >> _______________________________________________
> >>
>
> But having a script which automatically connects without the 'big ugly
> password' isn't a security risk?
> I don't follow.
> Also, you could further secure the authorized_keys file by only permitting
> the key to be used from a certain location, if you don't trust the security
> of your own private key.
>
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux