On Tue, Aug 30, 2005 at 08:12:47PM -0700, Sebastian Smith wrote: ... > Why not have a passphrase-less ssh key? Well... it breaks the public key > crytography. If you don't require a passphrase there is no way to > validate that the connecting user is who they say they are (I'm sure you
I don't agree, but maybe I just don't understand. When an ssh key public/private key pair is created I can choose to add a layer of protection to the private half in the form of a passphrase which, if I'm not mistaken, is used to encrypt the private key. this makes it so I have to enter the passphrase in order to "unlock" the private key so that I can use it. everything else is the same. right? this would only break public key crypto if I always left my private key in a place where someone else could reach it. I only create passphrase-less keys using the root account on well protected systems I admin, so it think they can be trusted pretty well. - Ben _______________________________________________ RLUG mailing list [email protected] http://lists.rlug.org/mailman/listinfo/rlug
