[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SSH passphrases
From: |
Reinhold Kainhofer |
Subject: |
Re: SSH passphrases |
Date: |
Sat, 20 Feb 2010 12:50:19 +0100 |
User-agent: |
KMail/1.13.0 (Linux/2.6.31-19-generic; KDE/4.4.0; i686; ; ) |
Am Samstag, 20. Februar 2010 06:40:40 schrieb Mark Polesky:
> Does everyone use a passphrase for SSH? The ssh-keygen
> program allows for no passphrase, so I'm wondering if anyone
> decides not to use one. How bad would it be to push and
> pull without one?
The communication itself is secure. As long as you are the only one with
access to the private key, things are secure, but as soon as someone else
gained access to you private key, (s)he can do anyting. If you have a
passphrase set, there's one additional barrier in there, which makes ssh
authorization more secure.
BTW, I'm using a passphrase-protected key, but also employ the ssh-agent, so
I'm asked only once for the passphrase and all subsequent uses of the key will
have the credentials cached. That way, I have the best of both worlds...
Cheers,
Reinhold
--
------------------------------------------------------------------
Reinhold Kainhofer, address@hidden, http://reinhold.kainhofer.com/
* Financial & Actuarial Math., Vienna Univ. of Technology, Austria
* http://www.fam.tuwien.ac.at/, DVR: 0005886
* LilyPond, Music typesetting, http://www.lilypond.org