The only real danger comes if the laptops are lost and recovered by someone who has any idea about linux. If you just regenerate the hosts key and/or otherwise render the key on the laptop invalid, then you're at no risk.
Most people tend to notice fairly quickly if their laptop is missing. You can further alleviate the problem by minimizing what IP's the server will accept SSH connections from. If you travel a lot there are a dozen different ways to setup port-knocking type routines to automate this. > -----Original Message----- > > Ted - > > I'm just looking for a little bit of clarification here. Are > the laptops being used as clients to connect to remote > systems? In other words, you're logging in to servers from > the laptop(s) without requiring keyboard input (specifically, > passwords)? > > If this is the case, in my opinion the solution is quite > simple. Don't do that! 8) Seriously, this sounds like an > inherently insecure idea. > Again, providing I'm understanding the setup correctly, I > would do what you say above and generate new public/private > keys for use on the laptops ... but I certainly wouldn't make > them passwordless. > > -- > "Pay attention son! You've got the attention span of an art > major in a computer cluster!" - Sam Stoddard > > Cole Tuininga > Lead Developer > Code Energy, Inc > [EMAIL PROTECTED] > PGP Key ID: 0x43E5755D > > > _______________________________________________ > gnhlug-discuss mailing list > gnhlug-discuss@mail.gnhlug.org > http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss > _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
