Wayne Davison wrote:
On Thu, Oct 20, 2005 at 01:15:54AM +0100, Manuel L?pez-Ib??ez wrote:
For example, isn't it possible for the root of middle (or some
attacker) to get my keys and use them?
No, that's not how ssh keys work at all. Firstly, you only need to put
the *public key* on the middle host and the destination host, not your
private key (which only needs to be on your local system). Secondly,
you should have encrypted your private key on your own host, so that it
must be decrypted with a pass phrase. This makes everything work
securely. As long as ssh is configured to forward the ssh-agent data,
the remote systems will allow a chain of ssh accesses that originates
from your local system (which will have prompted you for the key's pass
phrase only at the first use of the key). This is a much better way to
configure ssh than to try to do multiple hops using passwords.
Can rsync work while ssh-agent is forwarding data?
Cheers,
Manuel.
______________________________________________
Renovamos el Correo Yahoo!
Nuevos servicios, más seguridad
http://correo.yahoo.es
--
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
