Re: scp from cron fails
From: Richard E. Silverman (res_at_qoxp.net)
Date: 12/24/04
- Previous message: all mail refused: "Re: pscp ls --time-style=long-iso display"
- In reply to: Chuck: "Re: scp from cron fails"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 23 Dec 2004 20:43:59 -0500
>>>>> "Chuck" == Chuck <skilover_nospam@softhome.net> writes:
Chuck> | You can save the agent environment variables someplace and
Chuck> source them | from the cron job, or use something like keychain
Chuck> that does this for you.
Chuck> |
Chuck> Newbie question here. Forgive me if the answer to this is in
Chuck> the docs.
Chuck> Doesn't that introduce a security risk? Couldn't anyone with
Chuck> access to that file source it and start masquerading as you?
There is risk, but it is not introduced by the use of this file. The
agent communicates via a named pipe in the filesystem, owned and
accessible only by the user running the agent. If local security is
compromised such that someone else can access the pipe, then he can use
the agent. He can't steal the keys that way, but he can use them while he
maintains access to the agent -- and likely, he'll have enough access to
get at the memory space of the agent process and extract them, if he's
clever enough.
-- Richard Silverman res@qoxp.net
- Previous message: all mail refused: "Re: pscp ls --time-style=long-iso display"
- In reply to: Chuck: "Re: scp from cron fails"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
