>>>>> "Jens" == Jens B Jorgensen <[EMAIL PROTECTED]> writes:
    Jens> That's what ssh-agent is for. You run ssh-agent and it will
    Jens> output an environment variable for a unix domain socket. Then
    Jens> you run ssh-add and type in your passphrase. The ssh-agent
    Jens> caches your key and access is limited to your user
    Jens> (permissions on the unix socket). This is not secure enough
    Jens> for some of course.

I think if you don't trust your local computer, then you are off to a
bad start anyway. i.e. anybody could modify your ssh, and capture your
password and private key.

IMHO, the biggest security risks of ssh are:

1. if you forward your ssh-agent to other computers (enabled by
   default???), then you must also trust these computers. I personally
   have ssh-agent forwarding turned off by default.

2. the danger that somebody would steal your private key, and run an
   off-line dictionary attack to try and guess your passphrase. Once
   this is done, the intruder can access your remote accounts for as
   long as the public key remains in place. Some people don't consider
   this an issue, while others consider it a serious design problem in
   public key infrastructure.

--
Brian May <[EMAIL PROTECTED]>
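Added example, not part of the original message: how costly the off-line guessing in point 2 is depends on how the key file turns the passphrase into an encryption key. This Python code reads only the clear header of a private key file and reports that; `key_protection`, `sample` and the two sample blobs are names and data constructed here, and the samples contain no key material.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\0"
LEGACY = ("RSA", "DSA", "EC")  # legacy PEM key types written by older ssh-keygen

def get_string(buf, off):
    """Read one SSH string: uint32 big-endian length, then that many bytes."""
    (n,) = struct.unpack_from(">I", buf, off)
    if off + 4 + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off + 4:off + 4 + n], off + 4 + n

def put_string(b):
    return struct.pack(">I", len(b)) + b

def key_protection(text):
    """Describe a private key file's passphrase protection from its clear header."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if lines and lines[0] in [f"-----BEGIN {t} PRIVATE KEY-----" for t in LEGACY]:
        # Legacy PEM marks encryption with a Proc-Type header; the cipher key
        # is derived from the passphrase with a single MD5 pass.
        enc = any(l.startswith("Proc-Type: 4,ENCRYPTED") for l in lines)
        return {"format": "legacy-pem", "encrypted": enc,
                "kdf": "md5-single-pass" if enc else None, "rounds": None}
    if not lines or lines[0] != "-----BEGIN OPENSSH PRIVATE KEY-----":
        raise ValueError("unsupported key format")
    blob = base64.b64decode("".join(lines[1:-1]))
    if not blob.startswith(MAGIC):
        raise ValueError("bad magic")
    cipher, off = get_string(blob, len(MAGIC))
    kdf, off = get_string(blob, off)
    opts, off = get_string(blob, off)
    rounds = None
    if kdf == b"bcrypt":  # kdfoptions = string salt, uint32 rounds
        _salt, o = get_string(opts, 0)
        (rounds,) = struct.unpack_from(">I", opts, o)
    return {"format": "openssh-key-v1", "encrypted": cipher != b"none",
            "kdf": kdf.decode(), "rounds": rounds}

def sample(cipher, kdf, opts):
    """Constructed header-only sample (no key material), for demonstration."""
    body = base64.b64encode(MAGIC + put_string(cipher) + put_string(kdf) + put_string(opts)).decode()
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{body}\n-----END OPENSSH PRIVATE KEY-----\n"

# Constructed samples: one passphrase-protected header, one unprotected.
PROTECTED_SAMPLE = sample(b"aes256-ctr", b"bcrypt", put_string(bytes(16)) + struct.pack(">I", 16))
PLAIN_SAMPLE = sample(b"none", b"none", b"")

if __name__ == "__main__":
    print(key_protection(PROTECTED_SAMPLE))
    print(key_protection(PLAIN_SAMPLE))
```

A key reported as unencrypted or as `md5-single-pass` can be rewritten in the newer format with `ssh-keygen -p -a <rounds> -f <keyfile>`, where a higher round count makes each passphrase guess slower.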