
SSH private keys, dangerous to carry around or not. Was Re: Where do you run ssh-keygen



Sudev Barar wrote:
> 2008/6/10 Nathaniel Homier <nathaniel.homier@bresnan.net>:
>> all is well.  I carry my public and private key on my thumb drive and the
>> private key is protected with a passphrase.
> Whoops .. do not carry your private key around. No. Keep it somewhere
> only you can access and risk of losing it is zilch - almost.

>> I have the private key backed up on a desktop computer.  The pass phrase was
>> generated with a high quality pseudo-random number generator using 20
>> characters consisting of letters, numbers and symbols.  The key strength is
>> 4096 and is rsa.

> Yes, but if you are carrying private key in your pen drive and you
> lose it or someone copies it your total security is compromised
> howsoever strong encryption algorithm was used to generate the key
> pair.
I was under the impression that the pass phrase encrypted the file and that to make use of the private key I would have to supply my pass phrase, so I thought the private key was useless without the pass phrase. The 4096 bit just means that it would be pretty much impossible with today's tech to brute force the pass phrase, even more so since I use 20 characters. Every time I use the private key I have to supply the pass phrase or I won't be able to connect to the ssh server. But I could be wrong.

