Re: ssh keys from two behind-the-firewall boxes?

To: <debian-user@lists.debian.org>
Subject: Re: ssh keys from two behind-the-firewall boxes?
From: "nate" <debian-user@aphroland.org>
Date: Sat, 1 Feb 2003 12:57:08 -0800 (PST)
Message-id: <[🔎] 36884.10.10.10.7.1044133028.squirrel@webmail.linuxpowered.net>
In-reply-to: <[🔎] 20030201203933.GD23200@mail.serensoft.com>
References: <1044064595.1014.14.camel@Lukeme> <[🔎] Pine.LNX.4.10.10302010712300.21884-100000@mardy.hank.org> <[🔎] 20030201203933.GD23200@mail.serensoft.com>

will trillich said:

> at what point are the passphrases required? if passwordless
> login/scp is the objective, where are the passphrases used?

ssh-agent is designed to prompt you for your passphrase, then
it stores it in memory, and automatically 'inputs' it when you
connect. That is until you logout or reboot or something. I
have never used ssh-agent myself. for my personal account I
use SSH w/passphrase and just input it every time. I use
passphrase-less keys for mostly non interactive stuff.

running w/o a passphrase is still probably the most common
way to perform automated tasks. that is, stuff from cron etc.

if the system is properly secured the chance of a key getting
compromised is not that great.

on my more secure systems I lock them down to key logins only,
so even if they have my root password or account password they
have no opportunity to input them.

nate

Reply to:

Follow-Ups:
- Re: ssh keys from two behind-the-firewall boxes?
  - From: sean finney <seanius@seanius.net>

References:
- Re: ssh keys from two behind-the-firewall boxes?
  - From: Bill Moseley <moseley@hank.org>
- Re: ssh keys from two behind-the-firewall boxes?
  - From: will trillich <will@serensoft.com>

Prev by Date: Re: Desktop environment---what am I missing?
Next by Date: Re: CD Burner and ide-scsi emulation
Previous by thread: Re: ssh keys from two behind-the-firewall boxes?
Next by thread: Re: ssh keys from two behind-the-firewall boxes?
Index(es):
- Date
- Thread