[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: how to examine ssh problem

>>>>> Alan Chandler <alan@chandlerfamily.org.uk> writes:
>>>>> On 04/08/11 09:15, Ivan Shmakov wrote:
>>>>> Alan Chandler <alan@chandlerfamily.org.uk>  writes:

 >>> (I actually have loads of these in my config file for all different
 >>> combinations of username and host - I also tend to make different
 >>> key pairs for each host which is why I am specifying an
 >>> IdentityFile in each.)

 >> Why?  The asymmetric cryptography employed by SSH is there precisely
 >> to /not/ have multiple “secrets” on the side of the party being
 >> authenticated.

 > Two things

 > 1) Legacy through a desire to limit issues when I was carrying around
 > the private key on a laptop,

 > 2) Lack of thinking things through on my part.

 > What I should really do is consolidate down to one key for my static
 > desktop and another key I am prepared to dispose of if the device its
 > in gets lost.

	Well, I didn't say that I use a single key, either.  Actually,
	there're a few hosts that I may be starting the SSH client on,
	and so each of them gets a key.

	It was the key per /target/ host part that made me wonder.

 > I like to have a private key with no pass phrase to use within the
 > privacy of my own home.  Obviously anything mobile needs a pass phrase
 > to protect it.


FSF associate member #7257	Coming soon: Software Freedom Day
http://mail.sf-day.org/lists/listinfo/ planning-ru (ru), sfd-discuss (en)

Reply to: