On 04/08/11 09:15, Ivan Shmakov wrote:
Alan Chandler<alan@chandlerfamily.org.uk> writes:> (I actually have loads of these in my config file for all different > combinations of username and host - I also tend to make different key > pairs for each host which is why I am specifying an IdentityFile in > each.) Why? The asymmetric cryptography employed by SSH is there precisely to /not/ have multiple “secrets” on the side of the party being authenticated.
Two things1) Legacy through a desire to limit issues when I was carrying around the private key on a laptop,
2) Lack of thinking things through on my part.What I should really do is consolidate down to one key for my static desktop and another key I am prepared to dispose of if the device its in gets lost.
I like to have a private key with no pass phrase to use within the privacy of my own home. Obviously anything mobile needs a pass phrase to protect it.
-- Alan Chandler http://www.chandlerfamily.org.uk