Re: SSH Question relating to Public and Private Keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Clint Dilks wrote:
1. Currently all of the key pairs we are using have empty passphrases is it worth the effort of changing this and setting up ssh-agent compared to what you gain in security by doing this ?

Certainly, adding passphrases nudges the security up a step, as otherwise a compromised account means the offender can log onto any other system - or in the case of compromised root, can log in anywhere as anyone..

It comes down to, like all security measures, a balancing act between security and ease-of-use.. You need to take into consideration what data is around the systems, and what the worst case scenario would be..

--
Cheers,
Morten
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux