Re: ssh

From: Andrew Sackville-West <andrew@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 28 Feb 2007 10:43:23 -0800

On Wed, Feb 28, 2007 at 05:35:42PM +0100, Sven Arvidsson wrote:

On Wed, 2007-02-28 at 09:55 -0500, Roberto C. Sanchez wrote:

Ahh. That's what I was afraid of. Having ssh keys without a passphrase
is convenient, but very insecure. You are better off without the keys.
For the longest time I did not understand that, then some kind soul on
this list pointed to ssh-agent and keychain. Very minor inconvenience
(enter the passphrase once when you login), and *much* more secure.

Another great package is libpam-ssh, unlocking your ssh keys at login
time, meaning you will only need to type a password once.

because I'm too lazy to research it, why is this any better than a
passwordless key? If someone is using your login then your ssh keys
are unlocked.

A

Attachment: signature.asc
Description: Digital signature

Follow-Ups:
- Re: ssh
  - From: Allan Wind
- Re: ssh
  - From: Roberto C. Sanchez

References:
- Re: ssh
  - From: Guillermo Garron
- Re: ssh
  - From: Guillermo Garron
- Re: ssh
  - From: Roberto C. Sanchez
- Re: ssh
  - From: Giacomo Montagner
- Re: ssh
  - From: Roberto C. Sanchez
- Re: ssh
  - From: Sven Arvidsson

Prev by Date: Re: fvwm
Next by Date: Desktop (was: Re: Firefox/Iceweasel's weird close/quit behaviour)
Previous by thread: Re: ssh
Next by thread: Re: ssh
Index(es):
- Date
- Thread

Relevant Pages

Re: ssh
... You are better off without the keys. ... For the longest time I did not understand that, then some kind soul on ... unlocking your ssh keys at login ...
(Debian-User)
Re: I guess they cant revoke your soul for trying
... For the longest time, I always wondered why, and more importantly how, ... Bobby went about flashing his keys down on Main Street. ...
(rec.music.gdead)
Re: ssh password problem
... using rsa public keys. ... This keyword can be followed by a list of user name patterns, ... Login is disallowed for user names that ... The allow/deny directives are processed in the following ...
(Fedora)
RE: Single Sign On - Transfer of credential between webapps....
... You'll want to provide your own values forthe keys. ... > Change the loginUrl to be that of your login page. ... > Now, in your other applications (Webapp2 for example), you can get at the ... >> One of my website is used to login user: ...
(microsoft.public.dotnet.framework.aspnet)
Re: looking for a solution
... "Karolski" wrote in message ... > This is my first post here, so please, be patient. ... > (giving their password and login). ... As far as security keys and web development go, I have a table of logins ...
(comp.lang.java.programmer)