Re: Palm to FreeBSD using ssh
From: Timothy Luoma (lists_at_tntluoma.com)
Date: Mon, 29 Aug 2005 15:22:31 -0400 To: "Mark Senior" <Mark.Senior@gov.ab.ca>
On Aug 29, 2005, at 3:18 PM, Mark Senior wrote:
> The exchange of data over the network is safe enough against
> snooping or
> alteration, (assuming the attacker doesn't know the private key)
> you use an RSA or DSA key.
> Theft is a different threat though - the type of key doesn't matter
> then, the strength of the passphrase that's protecting it is what
> matters. If the private key is stored unencrypted on a palm pilot and
> someone steals it, then any servers that allow logins with that key
> at risk until you can delete the corresponding public keys from your
> authorized_keys files.
Ah... ok... let's say, for example, purely hypothetically... assume I
made a pretty weak pass phrase because I had a heck of a time getting
it to work at all and by the time it finally did work I was using a
weak pass phrase.
Can I now change the phrase or do I need to make a new set of keys, etc?