Re: SSH Question relating to Public and Private Keys

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Tuesday 15 April 2008, Clint Dilks wrote:
> 1. Currently all of the key pairs we are using have empty passphrases is
> it worth the effort of changing this and setting up ssh-agent compared
> to what you gain in security by doing this ?

To get a clear idea of what keys with no passphrases are like consider the 
idea that users put their regular password in /home/$USER/my_passwd.txt

We try our very best to stop any use of key-pairs without passphrase. All 
modern distros have ssh-agents. Using it is trivial, not using it is lazy. 
For extra security use "ssh-add -c" and you'll know when your agent is 
actually signing stuff.

/Peter

Attachment: signature.asc
Description: This is a digitally signed message part.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux