ons 2011-10-12 klockan 12:20 -0700 skrev Adam Williamson: > Sure there is. There's the exact same problem as using the same password > across multiple projects: if someone compromises the key they have > compromised all of those projects. If you use a different key for each > project, an attacker can only compromise one project with any given key. To compromise my SSH key they need to compromise the location where my key is stored and the key encryption passprase. If they manage to do that then any key I have stored there is at equal risk, or anything else I have on my computers or any system I have accessed meanwhile. Accessing a compromised system using an SSH key do not place the key as such at risk. There only is a slight risk if you have agent forwarding enabled that the key may be used (not copied or stolen) while you are logged in and is why agent forwarding SHOULD be disabled by default (and is by default). Accessing a compromised system using a password immediately gives the password away. Regards Henrik -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
