From: Greg Wooledge (
Date: 06/17/03

  • Next message: Anurag Bhatia: "PAM based authentication?"
    Date: Tue, 17 Jun 2003 13:48:33 -0400
    To: "Zieg, Mark" <>

    On Tue, Jun 17, 2003 at 10:34:47AM -0400, Zieg, Mark wrote:

    > > 1. This command created both a private and public keys. Will it be
    > > advisable if I remove the id_rsa (private) from /home/servie and put in
    > > a safe place such a floppy, just in case, in the event my user account
    > > has been compromised?
    > If your account gets compromised, then the hacker has your private key, and
    > thus your keypair is compromised. Therefore, you wouldn't want to continue
    > using your old private key, so there's no point in keeping a backup.

    Check the paragraph again; Servie is saying that the floppy would be
    used *instead* of ~/.ssh for storing the public key. I've heard of
    other people using a USB storage keyring for similar purposes. The
    tricky part here is making the access as convenient as possible (e.g.
    automounting the removable device when ~/.ssh/ is accessed,
    possibly using a symlink, etc.).

  • Next message: Anurag Bhatia: "PAM based authentication?"