But having a script which automatically connects without the 'big ugly password' isn't a security risk? I don't follow.
Well, ssh-askpass stores your password in a hash and has some security features built into it. It's not really a simple script. It's job is to enter your pass phrase for you so do you don't have to type it in every time.
Also, you could further secure the authorized_keys file by only permitting the key to be used from a certain location, if you don't trust the security of your own private key.
It's not that I don't trust my own private key. It's that NO private key is really very secure if it isn't password protected.
On Sun, Mar 2, 2014 at 2:19 PM, Joseph Spenner joseph85750@yahoo.comwrote:
On Mar 2, 2014, at 11:55 AM, Tim Dunphy bluethundr@gmail.com wrote:
On Sun, Mar 2, 2014 at 1:26 PM, Alexander Dalloz ad+lists@uni-x.org
wrote:
Am 02.03.2014 19:16, schrieb Joseph Spenner:
Why not just use authorized_keys with an empty pass phrase?
Because that is discouraged due to security.
Alexander
But having a script which automatically connects without the 'big ugly password' isn't a security risk? I don't follow. Also, you could further secure the authorized_keys file by only permitting the key to be used from a certain location, if you don't trust the security of your own private key.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos