>>>>> Alan Chandler <a...@chandlerfamily.org.uk> writes: >>>>> On 04/08/11 09:15, Ivan Shmakov wrote: >>>>> Alan Chandler <a...@chandlerfamily.org.uk> writes:
>>> (I actually have loads of these in my config file for all different >>> combinations of username and host - I also tend to make different >>> key pairs for each host which is why I am specifying an >>> IdentityFile in each.) >> Why? The asymmetric cryptography employed by SSH is there precisely >> to /not/ have multiple “secrets” on the side of the party being >> authenticated. > Two things > 1) Legacy through a desire to limit issues when I was carrying around > the private key on a laptop, > 2) Lack of thinking things through on my part. > What I should really do is consolidate down to one key for my static > desktop and another key I am prepared to dispose of if the device its > in gets lost. Well, I didn't say that I use a single key, either. Actually, there're a few hosts that I may be starting the SSH client on, and so each of them gets a key. It was the key per /target/ host part that made me wonder. > I like to have a private key with no pass phrase to use within the > privacy of my own home. Obviously anything mobile needs a pass phrase > to protect it. Yes. -- FSF associate member #7257 Coming soon: Software Freedom Day http://mail.sf-day.org/lists/listinfo/ planning-ru (ru), sfd-discuss (en) -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/864o1fxqlu....@gray.siamics.net