On Wed, Feb 28, 2007 at 10:43:23AM -0800, Andrew Sackville-West wrote: > On Wed, Feb 28, 2007 at 05:35:42PM +0100, Sven Arvidsson wrote: > > > > Another great package is libpam-ssh, unlocking your ssh keys at login > > time, meaning you will only need to type a password once. > > because I'm too lazy to research it, why is this any better than a > passwordless key? If someone is using your login then your ssh keys > are unlocked. > I think because this defends against outside attack. If you let someone use your login (even if your keys have a passphrase) and you have them loaded into ssh-agent, then you have the same problem. Regards, -Roberto -- Roberto C. Sanchez http://people.connexer.com/~roberto http://www.connexer.com
Attachment:
signature.asc
Description: Digital signature