[CentOS] scp scripting question
Gordon Messmer
yinyang at eburg.com
Sat Oct 13 02:02:05 UTC 2012
On 10/12/2012 01:56 PM, Les Mikesell wrote:
> On Fri, Oct 12, 2012 at 3:44 PM, Nux! <nux at li.nux.ro> wrote:
>>
>> Yep, exactly right. People in #openssh confirmed -i HAS to be a real
>> path to a file.
>
> Not very unix-like behavior...
Yes, it is. The alternative is for -i to take a file or a key as an
argument, and that leads to ambiguous behavior.
I would offer that the behavior of zsh in Mark's request is neat, but
not great security. The content of the private key on a remote machine
is being written to the local machine's /tmp filesystem. Read
permission will be limited to the user running zsh, so it's not super
horrible (and I'm guessing that zsh uses O_EXCL to prevent race
conditions that would expose the key). All the same, I keep my keys in
an encrypted volume because they grant me access to my customer's
systems. The idea of writing them to a filesystem that's not encrypted
is just creepy.
More information about the CentOS
mailing list