[CentOS] ssh-askpass in bash script

Les Mikesell lesmikesell at gmail.com
Mon Mar 3 15:41:07 UTC 2014


On Mon, Mar 3, 2014 at 8:25 AM, Peter Eckel <lists at eckel-edv.de> wrote:
> Hi Les,
>
>> Errr, 'unattended jobs' are the main reason for having computers.
>
> I differentiate here between desktop machines and servers ... regarding servers you're definitely right, but though I don't have reliable data I'd say from experience that the vast majority of ssh keys are stored on desktop systems used to administer servers. And those are exactly the ones I'd rather never see being used without a strong passphrase.

That distinction is blurred for me.  While I usually have a Windows
desktop or laptop in front of me at work and a Mac at home, my actual
work 'Desktop" is a long-running freenx/NX (or recently x2go) session
from one of the CentOS servers and I just connect to it from whatever
device I'm using - which will handle it as just another window.  I
might run email/browsers, etc. from the local device, but server
administration operations are done from the NX/x2go session so the
keys involved would be stored on a server in a secure location - and
one that is always up for cron jobs, etc.   Aside from the convenience
of being able to pick up the running session from different devices,
this approach eliminates the hassle of dealing with Linux video
drivers and still gives pretty good performance even when the server
is at a different location.

-- 
   Les Mikesell
     lesmikesell at gmail.com



More information about the CentOS mailing list