Re: ssh

From: "Guillermo Garron" <guillermo.fedora@xxxxxxxxx>
Date: Wed, 28 Feb 2007 18:01:07 -0400

On 2/28/07, Sven Arvidsson <sa@xxxxxxx> wrote:

On Wed, 2007-02-28 at 17:29 -0400, Guillermo Garron wrote:
> I use this method, (without passphrase) to be able to run script (with
> cronjob) from one machine into other, if I put a passphrase that is
> not going to work, am I right?
>
> Anyway to get my key, a "hacker" will need access to my PC right? if
> both PCs are secured there should be no chance to get my keys stolen.

There are actually ways of minimising the damage, should the key fall in
wrong hands. You can on the server specify from what hosts a certain key
can connect from, and what commands can be run.

See the section authorized_keys file format from the sshd man page.
http://www.debian-administration.org/articles/152 (see comments)

thank you..
--
Guillermo Garron
"Linux IS user friendly... It's just selective about who its friends are."
(Using FC6, CentOS4.4 and Ubuntu 6.06)
http://feeds.feedburner.com/go2linux
http://www.go2linux.org

--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

References:
- Re: ssh
  - From: Guillermo Garron
- Re: ssh
  - From: Guillermo Garron
- Re: ssh
  - From: Roberto C. Sanchez
- Re: ssh
  - From: Giacomo Montagner
- Re: ssh
  - From: Roberto C. Sanchez
- Re: ssh
  - From: Guillermo Garron
- Re: ssh
  - From: Sven Arvidsson

Prev by Date: Re: ssh
Next by Date: bluetooth advertising
Previous by thread: Re: ssh
Next by thread: Re: ssh
Index(es):
- Date
- Thread

Relevant Pages

RE: wget or wput
... it can do HTTP POST and file upload, ... a key with no passphrase. ... Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org ... To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list ...
(Fedora)
Re: Mail-list PGP Keys
... > You need to configure KDE and Kmail to recognize the gpg plugin. ... I had 'Keep passphrase in memory' enabled when I went through the instructions ... work fine as far as reading emails you people send with a MIME pgp key. ... To unsubscribe, ...
(freebsd-questions)
Re: Where do you run ssh-keygen, server or client.
... was generated with a high quality pseudo-random number generator using 20 characters consisting of letters, ... The key strength is 4096 and is rsa. ... If you forget that passphrase you cannot recover ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". ...
(Debian-User)
[Semi-OT] Retrieving those old passphrases (was Re: Query on adding a USB hdd)
... Fortunately I've been using one and the same passphrase for ... needs to be a key escrow process so that 8 years later when the ... Give a man a fish, and he eats for a day. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ...
(Debian-User)
Re: SSH login automation, get stuck at the last step.
... I hope you managed to create the keys with the script. ... I have modified Uwe's script to handle passphrase. ... puts stderr "EXP username requested and sent " ...
(comp.lang.tcl)