Re: Keyphrase for the server's secret key
From: Darren Dunham (ddunham_at_redwood.taos.com)
Date: 08/29/04
- Previous message: Torsten Bronger: "Keyphrase for the server's secret key"
- Maybe in reply to: Torsten Bronger: "Keyphrase for the server's secret key"
- Next in thread: Torsten Bronger: "Re: Keyphrase for the server's secret key"
- Reply: Torsten Bronger: "Re: Keyphrase for the server's secret key"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 28 Aug 2004 23:15:31 GMT
Torsten Bronger <bronger@physik.rwth-aachen.de> wrote:
> Hallöchen!
> I'm just curious: I was told that it's very wise to protect one's
> secret key (being an ssh client) with a key phrase. However, the
> sshd server also has a secret key. But there is no way to protect
> it with a similar, is it? So I assume it isn't necessary. But why?
If a passphrase is used on a key, it has to be entered before it can be
used. Most folks want the servers to boot unattended. With a
passphrase on the server key, you would have to type it in before the
server could use the key.
Also, a user's key tends to be more mobile. It might be used on less
well secured machines, or might even be in an NFS exported home
directory.
-- Darren Dunham ddunham@taos.com Senior Technical Consultant TAOS http://www.taos.com/ Got some Dr Pepper? San Francisco, CA bay area < This line left intentionally blank to confuse you. >
- Previous message: Torsten Bronger: "Keyphrase for the server's secret key"
- Maybe in reply to: Torsten Bronger: "Keyphrase for the server's secret key"
- Next in thread: Torsten Bronger: "Re: Keyphrase for the server's secret key"
- Reply: Torsten Bronger: "Re: Keyphrase for the server's secret key"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
