On Wed, Oct 12, 2011 at 12:48:57PM -0700, Adam Williamson wrote: > Sure. However, if you have multiple keys with multiple passphrases, then > it's extra work to compromise each key. Not true at all. If I keep my key(s) in a single location (a secure machine at my home), then either all keys in that location are secure or they've all been compromised. Someone with a rootkit on that machine can capture all of my keys and all of my passphrases. > let's say you have an account on kernel.org and one on linux.com. It > may make some kind of sense to your workflow for you to keep the > private key you use to access linux.com in your home directory on > kernel.org. If you do this, you're doing it wrong. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into Xen guests. http://et.redhat.com/~rjones/virt-p2v -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
