Re: how to examine ssh problem
>>>>> Alan Chandler <alan@chandlerfamily.org.uk> writes:
>>>>> On 04/08/11 09:15, Ivan Shmakov wrote:
>>>>> Alan Chandler <alan@chandlerfamily.org.uk> writes:
>>> (I actually have loads of these in my config file for all different
>>> combinations of username and host - I also tend to make different
>>> key pairs for each host which is why I am specifying an
>>> IdentityFile in each.)
>> Why? The asymmetric cryptography employed by SSH is there precisely
>> to /not/ have multiple “secrets” on the side of the party being
>> authenticated.
> Two things
> 1) Legacy through a desire to limit issues when I was carrying around
> the private key on a laptop,
> 2) Lack of thinking things through on my part.
> What I should really do is consolidate down to one key for my static
> desktop and another key I am prepared to dispose of if the device its
> in gets lost.
Well, I didn't say that I use a single key, either. Actually,
there're a few hosts that I may be starting the SSH client on,
and so each of them gets a key.
It was the key per /target/ host part that made me wonder.
> I like to have a private key with no pass phrase to use within the
> privacy of my own home. Obviously anything mobile needs a pass phrase
> to protect it.
Yes.
--
FSF associate member #7257 Coming soon: Software Freedom Day
http://mail.sf-day.org/lists/listinfo/ planning-ru (ru), sfd-discuss (en)
Reply to: