On Fri, 18 Oct 2002, Johan De Meersman wrote: > >>You can also allow root ssh from localhost > >>only, adding a tiny bit more security still by not su-ing but ssh-ing to > >>root. > >> > >> > > > >Never thought of this -- good stuff. Will using ssh-agent instead of > >typing ssh passphrase into the remote server hinder attackers ?? > > > > > I don't think so - ssh-agent is useful on your actual workstation, when > you have to do regular logins - it caches the passphrase without the
Thanks. To get this tiny benefit, where should I store the private certificate for ssh-ing to root? On the local workstation or the remote server? David